Stars
CVE-Bench: A Benchmark for AI Agents’ Ability to Exploit Real-World Web Application Vulnerabilities
Produce code coverage reports for AFL++ fuzzing campaigns with source code or in binary-only mode
Open-Source Chrome extension for AI-powered web automation. Run multi-agent workflows using your own LLM API key. Alternative to OpenAI Operator.
PalisadeResearch / intercode
Forked from princeton-nlp/intercode
https://arxiv.org/abs/2412.02776
WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API
Paper and implementation of "SAND: Decoupling Sanitization from Fuzzing for Low Overhead"
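Static binary instrumentation for Windows kernel drivers, to use with winafl
CTF platform supporting Docker-based dynamic challenge deployment, score statistics, cheating detection, static challenges, and vulnerability reproduction.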
SWE-agent takes a GitHub issue and tries to automatically fix it, using your LM of choice. It can also be employed for offensive cybersecurity or competitive coding challenges. [NeurIPS 2024]
A patched QEMU that exposes an interface for LibAFL-based fuzzers
Only included Word, Excel, PowerPoint.
Morion is a PoC tool to experiment with symbolic execution on real-world (ARMv7) binaries.
A prototype of Shared-keywords aware Taint Checking, a novel static analysis approach that tracks the data flow of the user input between front-end and back-end to precisely detect security vulnera…
SymQEMU: Compilation-based symbolic execution for binaries
Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge.
S2E: A platform for multi-path program analysis with selective symbolic execution.
A low-overhead dynamic binary instrumentation and modification tool for ARM (both AArch32 and AArch64 support) and RISC-V (RV64GC).
Module for automatically generating exploits 💎
Fuzzing IoT Devices Using the Router TL-WR902AC as Example