aslr

Function order shuffling to defend against ROP and other types of code reuse

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Docker image with ffmpeg/ffprobe binaries built as hardened static PIE binaries with no external dependencies

Analyzer of security features in executable binaries

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

The project collects the gadgets and records the time to obtain gadgets from a process by utilizing an attack technique called Just-In-Time Return-Oriented Programming (JIT-ROP). We utilize the JIT-ROP technique to evaluate different fine-grained address space layout randomization (ASLR) schemes and measure the upper bound of effective re-randomization intervals. Our evaluation and measurements have been published in ACM CCS 2020. We implement a native version of the JIT-ROP technique.

libc_database python wrapper for exploit automation

Check various security hardening features on ELF, PE and Mach-O binaries

Repo code for the related post on SecSI Blog: https://secsi.io/blog/blueborne-kill-chain-on-dockerized-android

collection of articles of random topics for private research purposes

Shell script to launch a Bash instance, from which all child processes will have ASLR disabled

Run program without ASLR (supports Linux and macOS)

LD_PRELOADed library to randomize malloc and friends.

Modern Binary Exploitation write-ups.

Check to ASLR from Windows x86 EXE file and disable it.

Dynamic loading with privilege separation

Buffer Overflow attacks on Linux

Examining overflow exploits in C programs, and the various protection mechanisms that tries to prevent them.

A module for CMake to enable various mitigations implemented in compilers

This lab required the execution of a buffer-overflow attack variant, known as return-to-libc, bypassing existing protection schemes implemented in Linux OS.