exploits
A handy collection of my public exploits, all in one place. (by 0xdea)
vulns
Named vulnerabilities and their practical impact (by hannob)
| exploits | vulns | |
|---|---|---|
| 3 | 2 | |
| 574 | 425 | |
| - | - | |
| 2.8 | 10.0 | |
| 4 months ago | over 2 years ago | |
| C | ||
| MIT License | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
exploits
Posts with mentions or reviews of exploits.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-01-18.
-
Nothing new under the Sun - Discovering and exploiting a CDE bug chain
I have identified multiple security vulnerabilities that are exploitable via the the setuid-root dtprintinfo binary from the Common Desktop Environment (CDE) distributed with Oracle Solaris 10. I demonstrated the possibility to chain together a printer name injection bug in dtprintinfo and a stack-based buffer overflow in libXm to achieve local privilege escalation to root on a fully-patched Solaris 10 system. The exploit is available at https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintlibXmas.c.
- [ITA] - Marco Ivaldi aka raptor
-
Multiple vulnerabilities in Zyxel zysh
The format string exploit written in Tcl/Expect (!) is here: https://github.com/0xdea/exploits/blob/master/zyxel/raptor_zysh_fhtagn.exp
vulns
Posts with mentions or reviews of vulns.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-10-19.
What are some alternatives?
When comparing exploits and vulns you can also consider the following projects:
vulns - HN Security's advisories.
RowPress - Source code & scripts for experimental characterization and real-system demonstration of RowPress, a widespread read disturbance phenomenon in DRAM that is different from RowHammer. Described in our ISCA'23 paper by Luo et al. at https://people.inf.ethz.ch/omutlu/pub/RowPress_isca23.pdf
WendzelNNTPd - A usable and IPv6-ready Usenet-server (NNTP daemon). It is portable (Linux/*BSD/*nix), supports AUTHINFO authentication, contains ACL as well as role based ACL and provides "invisible" newsgroups. It can run on MySQL and SQLite backends.
raptor_infiltrate20 - #INFILTRATE20 raptor's party pack.
arp-scan - The ARP Scanner
mg - Micro (GNU) Emacs-like text editor ❤️ public-domain