pwndbg
dnscat2
pwndbg | dnscat2 | |
---|---|---|
9 | 5 | |
6,726 | 3,258 | |
1.8% | - | |
9.5 | 0.0 | |
6 days ago | about 2 months ago | |
Python | PHP | |
MIT License | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pwndbg
-
Any tips for newish C debugging please.
By far the best debugger for C is gdb+pwndbg (https://github.com/pwndbg/pwndbg)
- Need help installing pwndbg on Kali Linux
-
Hacked GDB Dashboard Puts It All on Display
There are a lot of these types of tools already in the reverse engineering community (in order of lowest chance of breaking when you throw really weird stuff at it):
GEF: https://gef.readthedocs.io/en/master/
PWNDBG: https://github.com/pwndbg/pwndbg
PEDA: https://github.com/longld/peda
They also come with a slew of different features to aid in RE/exploit dev, but many of them are also useful for debugging really weird issues.
-
Debugging with GDB
GDB is great. I definitely recommend checking out watchpoints as well, a very useful tool for monitoring how a variable changes over time.
GDB also has many good plugins - pwndbg has tons of features and UI improvements over stock GDB.
https://github.com/pwndbg/pwndbg
-
Making GDB Easier: The TUI Interface
I've recently started a new semester for my Master's program, and the first project for the semester involves using the GDB tool (GNU Debugger) to analyze a stack on a simple C program that contains a buffer overflow vulnerability. A couple of semesters ago, I had been given a VM pre-loaded with a more featured debugger tool called pwndbg. Pwndbg was excellent because it was easy to use and easily allowed accessed to information such as current assembly code being executed and a view of the program registers. So, going back to using GDB felt a little like stepping back into the stone age.
-
Awesome CTF : Top Learning Resource Labs
Pwndbg - A GDB plugin that provides a suite of utilities to hack around GDB easily.
- Trouble downloading pwndbg
-
Problem in downloading pwndbg
i have peda installed on my gdb and now i am trying to install pwndbg with git clone https://github.com/pwndbg/pwndbg cd pwndbg ./setup.sh
dnscat2
- HOUDINI: A web app with huge number of Docker Images for Network Security with run commands and cheatsheet (Hundreds of Offensive and Useful Docker Images for Network Intrusion )
-
Awesome CTF : Top Learning Resource Labs
Dnscat2 - Hosts communication through DNS.
- Are there any methods to protect against DNS tunneling (non-encrypted) in an open-source firewall appliance?
-
Awesome Penetration Testing
dnscat2 - Tool designed to create an encrypted command and control channel over the DNS protocol, which is an effective tunnel out of almost every network.
-
DNS exfiltration of data: step-by-step simple guide
Another commonly used tool is dnscat. I’ve seen it successfully used by adversaries and during pentests.
What are some alternatives?
gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
iodine - Official git repo for iodine dns tunnel
peda - PEDA - Python Exploit Development Assistance for GDB
Metasploit - Metasploit Framework
pwntools - CTF framework and exploit development library
RsaCtfTool - RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data
gdb-dashboard - Modular visual interface for GDB in Python
one_gadget - The best tool for finding one gadget RCE in libc.so.6
hashcat - World's fastest and most advanced password recovery utility
voltron - A hacky debugger UI for hackers
bettercap - The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.