IDA Pro plugin for query based searching within the binary useful mainly for vulnerability research.

Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)

Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection

NanoKVM: Affordable, Multifunctional, Nano RISC-V IP-KVM

FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.

Security research helper for CLFS drivers

The repo contains all the the notes, slides, and study material for my workshop at DEFCON 32 at the Bug Bounty Village

A DOM fuzzer

Fuzzing IoT Devices Using the Router TL-WR902AC as Example

AFLNet: A Greybox Fuzzer for Network Protocols (https://thuanpv.github.io/publications/AFLNet_ICST20.pdf)

LLM powered fuzzing via OSS-Fuzz.

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

scalpel是一款命令行漏洞扫描工具，支持深度参数注入，拥有一个强大的数据解析和变异算法，可以将常见的数据格式（json, xml, form等）解析为树结构，然后根据poc中的规则，对树进行变异，包括对叶子节点和树结构 的变异。变异完成之后，将树结构还原为原始的数据格式。

CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server

Recent Fuzzing Paper

a signal handler race condition in OpenSSH's server (sshd)

A structure-aware grey box fuzzer based on modeling the input processing logic.

A fuzzer for full VM kernel/driver targets

A Pwn2Own 2024 SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE

Hyper-V Research is trendy now

Hyper-V Research is trendy now

An OLLVM-CFF Deobfuscation Plugin

基于 hex-rays microcode 的伪代码优化器，使用数据流跟踪，程序切片，混合执行