453 Open source projects that are alternatives of or similar to On Pwning

Automatic SSRF fuzzer and exploitation tool

EmpireCTF – write-ups, capture the flag, cybersecurity

How to exploit a double free vulnerability in 2021. Use After Free for Dummies

📚 VoidHack CTF write-ups

A thorough library database to assist with binary exploitation tasks.

Good to know, easy to forget information about binaries and their exploitation!

Exploiting challenges in Linux and Windows

Very vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 14 vulnerability techniques)

台大 計算機安全 - Pwn 簡報、影片、作業題目與解法 - Computer Security Fall 2019 @ CSIE NTU Taiwan

Linux Heap Exploitation Practice

A collection of pwn/CTF related utilities for Ghidra

Course materials for Modern Binary Exploitation by RPISEC

🌸 Interactive shellcoding environment to easily craft shellcodes

Micro-framework for rapid development of reusable security tools

CTF write-ups by PDKT team with English and Indonesian language

CTF writeups

Backwards program slice stitching for automatic CTF problem solving.

Venom - A Multi-hop Proxy for Penetration Testers

Some of my CTF solutions

CTF framework and exploit development library

Exploit code for CVE-2016-9066

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

This tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.

Remote exploitation framework written in Python

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.

CTF Field Guide

Writeup of security — CTFLearn Challenges.

Exploitation and Mitigation Slides

Free Labs to Train Your Pentest / CTF Skills

A sandbox to protect your pwn challenges being pwned in CTF AWD.

Blind Attacking Framework

ctfcli is a tool to manage Capture The Flag events and challenges

Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Security Evaluation of Dynamic Binary Instrumentation Engines

Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Key Exchange, Authentication methods along with example challenges from CTFs

Writeups for HacktheBox 'boot2root' machines

Writeup of CVE-2020-15906

✔️ CTF problems and solutions solved by Qwaz

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

AWD 自动化攻击框架

Docker based Wargame Platform - To practice your CTF skills

(mostly web related) web challenge writeups between 2011 and 2015

Snoop — инструмент разведки на основе открытых данных (OSINT world)

won't maintain

Riscure Hack Me embedded hardware CTF 2017-2018.

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Build a database of libc offsets to simplify exploitation

DEFCON 2018 Qualification writeups

wide range mass audit toolkit

PwnableWeb is a suite of web applications for use in information security training.

Detect hidden files and text in images

China's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

oscp-ctf is a small collection of basic Bash scripts that make life easier and save time whether you are in the OSCP labs, HackThebox or playing around with CTFs.

For effective cheating detection in competitions. Utilizes Linux Kernel Module (LKM) for generating flags.