Cr4sh

followers

following

stars

http://blog.cr4.sh/

Dmytro Oleksiuk's repositories

s6_pcie_microblaze

PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

Language:C744 490

ThinkPwn

Started as arbitrary System Management Mode code execution exploit for Lenovo ThinkPad model line, ended as exploit for industry-wide 0day vulnerability in machines of many vendors

Language:CGPL-3.0669 510

SmmBackdoor

First open source and publicly available System Management Mode backdoor for UEFI based platforms. Good as general purpose playground for various SMM experiments.

Language:CGPL-3.0581 470

MicroBackdoor

Small and convenient C2 tool for Windows targets. [ Русский -- значит нахуй! ]

Language:C++GPL-3.0566 180

openreil

Open source library that implements translator and tools for REIL (Reverse Engineering Intermediate Language)

Language:CNOASSERTION494 660

WindowsRegistryRootkit

Kernel rootkit, that lives inside the Windows registry values data

Language:C488 440

KernelForge

A library to develop kernel level Windows payloads for post HVCI era

Language:C++366 120

SmmBackdoorNg

Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks

Language:CGPL-3.0279 100

fwexpl

PC firmware exploitation tool and library

Language:C++GPL-3.0246 260

PeiBackdoor

PEI stage backdoor for UEFI compatible firmware

Language:CGPL-3.0209 140

ioctlfuzzer

Automatically exported from code.google.com/p/ioctlfuzzer

Language:C156 130

UEFI_boot_script_expl

CHIPSEC module that exploits UEFI boot script table vulnerability

Language:Python132 220

smram_parse

System Management RAM analysis tool

Language:PythonGPL-3.072 70

pico_dma

Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board

Language:C65 40

Aptiocalypsis

Arbitrary SMM code execution exploit for industry-wide 0day vulnerability in AMI Aptio based firmwares

Language:PythonGPL-3.064 100

qc_debug_monitor

Debug messages monitor for Qualcomm cellular modems

Language:Python57 100

zc_pcie_dma

DMA attacks over PCI Express based on Xilinx Zynq-7000 series SoC

Language:Tcl57 50

secretnet_expl

LPE exploits for Secret Net and Secret Net Studio

Language:C++51 80

DbgCb

Engine for communication with remote kernel debugger (KD, WinDbg) from drivers and applications

Language:C++36 70

prl_guest_to_host

Guest to host VM escape exploit for Parallels Desktop

Language:C++28 70

IDA-UbiGraph

IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph

Language:C++25 70

efiXplorer

IDA plugin for UEFI firmware analysis and reverse engineering automation

Language:C++GPL-3.010 30

r0ak

r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems

Language:C10 30

blog

Stuff for blog.cr4.sh website

5 50

capstone

Capstone disassembly/disassembler framework: Core (Arm, Arm64, Mips, PPC, Sparc, SystemZ, X86, X86_64, XCore) + bindings (Python, Java, Ocaml)

Language:C++NOASSERTION5 30

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Language:CNOASSERTION5 20

PowerShell-Suite

My musings with PowerShell

Language:PowerShellBSD-3-Clause3 20

chipsec

Platform Security Assessment Framework

Language:CGPL-2.02 20

portage

Portage Package Manager - this is just a mirror, see https://wiki.gentoo.org/wiki/Project:Portage#Contributing_to_Portage

Language:PythonGPL-2.02 30

vmlinux-to-elf

A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)

Language:PythonGPL-3.01 10