🎻 Automatic Exploit Generation using symbolic execution

Overview

S2E Library

This repository contains all the necessary components to build libs2e.so. This shared library is preloaded in QEMU to enable symbolic execution.

Please refer to the documentation in the docs directory for build and usage instructions. You can also find it online on https://s2e.systems/docs.

You might also like...
Mystikos is a set of tools for running applications in a hardware trusted execution environment (TEE)
Mystikos is a set of tools for running applications in a hardware trusted execution environment (TEE)

Mystikos is a set of tools for running applications in a hardware trusted execution environment (TEE). The current release supports Intel ® SGX while other TEEs may be supported in future releases. Linux is also a supported target, though only suitable for testing purposes as it provides no additional protection.

PoC for CVE-2021-28476 a guest-to-host
PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys.

CVE-2021-28476: a guest-to-host "Microsoft Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys. This is a proof of concept for CVE-2021-28476

x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration

anycall x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration Read: https://www.godeye.club/2021/05/14/0

New lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking code execution.
New lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking code execution.

BOF - Lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking ServiceMove is a POC code for an interestin

Elven relativism -- relocation and execution of aarch64 ELF relocatable objects (REL)
Elven relativism -- relocation and execution of aarch64 ELF relocatable objects (REL)

elvenrel Elven Relativism -- relocation and execution of aarch64 ELF relocatable objects (REL) on Linux and macOS. Program loads a multitude of ELF RE

RR4J is a tool that records java execution and later allows developers to replay locally.
RR4J is a tool that records java execution and later allows developers to replay locally.

RR4J [Record Replay 4 Java] RR4J is a tool that records java execution and later allows developers to replay locally. The tool solves one of the chall

A Windows user-mode shellcode execution tool that demonstrates various techniques that malware uses
A Windows user-mode shellcode execution tool that demonstrates various techniques that malware uses

Jektor Toolkit v1.0 This utility focuses on shellcode injection techniques to demonstrate methods that malware may use to execute shellcode on a victi

Inject dll to cmd.exe to prevent file execution.

Console-Process-Execution Inject dll to cmd.exe to prevent file execution. Requierments: Microsoft Detours Library - https://github.com/microsoft/Deto

Owner
ᴀᴇꜱᴏᴘʜᴏʀ
M.S. Student @ NCTU. Interested in modern C++, kernel and pwning.
ᴀᴇꜱᴏᴘʜᴏʀ
Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework

About Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework. It provides various functionalities such as symbolic execution,

Trail of Bits 525 Dec 27, 2022
Harsh Badwaik 1 Dec 19, 2021
Windows 10 interface adjustment tool supports automatic switching of light and dark modes, automatic switching of themes and transparent setting of taskbar

win10_tools Windows 10 interface adjustment tool supports automatic switching of light and dark modes, automatic switching of themes and transparent s

Simon 1 Dec 3, 2021
Some hypervisor research notes. There is also a useful exploit template that you can use to verify / falsify any assumptions you may make while auditing code, and for exploit development.

Introduction Over the past few weeks, I've been doing some hypervisor research here and there, with most of my focus being on PCI device emulation cod

Faith 130 Nov 18, 2022
SANM: A Symbolic Asymptotic Numerical Solver

SANM: A Symbolic Asymptotic Numerical Solver This repository is the official implementation of the SANM solver described in our paper to appear at SIG

Kai Jia 28 Sep 22, 2022
Metamath - Meta mathematics. Symbolic functions and derivatives.

metamath Meta mathematic metamath is a tiny header-only library. It can be used for symbolic computations on single-variable functions, such as dynami

eg 31 Nov 4, 2022
A refactored Proof-of-concept originally developed in 2017 to print all function calls with their arguments data types and values using Ptrace during program execution.

print-function-args-debugger A refactored Proof-of-concept originally developed in 2017 to print all function calls with their arguments data types an

*finixbit 15 Jun 17, 2022
CPU Performance Evaluation and Execution Time Prediction Using Narrow Spectrum Benchmarking

This is a simple implementation of Saavedra-Barrera's paper SAAVEDRA-BARRERA R H. CPU Performance Evaluation and Execution Time Prediction Using Narrow Spectrum Benchmarking[D/OL]. UCB/CSD92-684. EECS Department, University of California, Berkeley, 1992.

null 9 Jan 27, 2022
Automatic plant growing and monitoring system using Arduino

Plant Automatic Growing and Monitoring System Roadmap Read sensors Ambient Temperature Ambient Moisture Ambient Light Soil Moisture LCD with custom ch

Diego Santos Seabra 1 Oct 7, 2021
Gex is an iOS 14.7 jailbreak using CVE-2021-30807 IOMFB exploit

Gex is an iOS 14.7 jailbreak using CVE-2021-30807 IOMFB exploit rest of this readme is from jsherman212's exploit repo and probably stuff that is abou

Connor 5 Apr 19, 2022