Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Proofs-of-concept

iblessing is an iOS security exploiting toolkit, it mainly includes application information gathering, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

Android Kernel Exploitation

OPCDE Cybersecurity Conference Materials

PC firmware exploitation tool and library

Fuzzing tutorial with easy-to-learn labs 🚀

Unreal Engine 4 vulnerability, that allows you to run shellcode directly into the target game process, to load any DLL undetected from most game anti cheats, such as Easy Anti Cheat, BattleEye, Ricochet, Vanguard, ATG, and more.

PoC demonstrating the use of cve-2020-1034 for privilege escalation

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

Report and exploit of CVE-2023-36427

retools: a reverse engineering toolkit for normies

A static binary vulnerability scanner

LPE exploits for Secret Net and Secret Net Studio

Analysis of the vulnerability

灵取证是一款功能强大且专业的安卓设备数据取证工具，专门为执法部门、司法机构和安全调查人员设计开发。本工具采用先进的取证技术，确保数据提取过程的完整性和准确性。本工具的开发和使用严格遵循相关法律法规框架，确保所有数据提取操作都在合法授权范围内进行。通过专业的数据处理流程，为执法调查工作提供可靠的电子证据支持。

Report and exploit of CVE-2024-21305.

Plusfish is a classic web application vulnerability scanner/fuzzer and aimed at security professionals

Guest to host VM escape exploit for Parallels Desktop