Cr4sh

followers

following

stars

http://blog.cr4.sh/

Dmytro Oleksiuk's repositories

s6_pcie_microblaze

PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

Language:C683 480

ThinkPwn

Started as arbitrary System Management Mode code execution exploit for Lenovo ThinkPad model line, ended as exploit for industry-wide 0day vulnerability in machines of many vendors

Language:CGPL-3.0653 500

SmmBackdoor

First open source and publicly available System Management Mode backdoor for UEFI based platforms. Good as general purpose playground for various SMM experiments.

Language:CGPL-3.0558 460

MicroBackdoor

Small and convenient C2 tool for Windows targets. [ Русский -- значит нахуй! ]

Language:C++GPL-3.0550 170

openreil

Open source library that implements translator and tools for REIL (Reverse Engineering Intermediate Language)

Language:CNOASSERTION489 660

WindowsRegistryRootkit

Kernel rootkit, that lives inside the Windows registry values data

Language:C472 440

KernelForge

A library to develop kernel level Windows payloads for post HVCI era

Language:C++330 120

fwexpl

PC firmware exploitation tool and library

Language:C++GPL-3.0243 250

SmmBackdoorNg

Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks

Language:CGPL-3.0239 70

PeiBackdoor

PEI stage backdoor for UEFI compatible firmware

Language:CGPL-3.0201 130

ioctlfuzzer

Automatically exported from code.google.com/p/ioctlfuzzer

Language:C154 120

UEFI_boot_script_expl

CHIPSEC module that exploits UEFI boot script table vulnerability

Language:Python132 210

smram_parse

System Management RAM analysis tool

Language:PythonGPL-3.070 60

Aptiocalypsis

Arbitrary SMM code execution exploit for industry-wide 0day vulnerability in AMI Aptio based firmwares

Language:PythonGPL-3.058 90

qc_debug_monitor

Debug messages monitor for Qualcomm cellular modems

Language:Python52 90

zc_pcie_dma

DMA attacks over PCI Express based on Xilinx Zynq-7000 series SoC

Language:Tcl50 40

secretnet_expl

LPE exploits for Secret Net and Secret Net Studio

Language:C++49 70

pico_dma

Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board

Language:C48 30

DbgCb

Engine for communication with remote kernel debugger (KD, WinDbg) from drivers and applications

Language:C++35 60

prl_guest_to_host

Guest to host VM escape exploit for Parallels Desktop

Language:C++27 60

IDA-UbiGraph

IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph

Language:C++23 60

efiXplorer

IDA plugin for UEFI firmware analysis and reverse engineering automation

Language:C++GPL-3.010 30

r0ak

r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems

Language:C9 30

capstone

Capstone disassembly/disassembler framework: Core (Arm, Arm64, Mips, PPC, Sparc, SystemZ, X86, X86_64, XCore) + bindings (Python, Java, Ocaml)

Language:C++NOASSERTION5 30

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Language:CNOASSERTION5 20

blog

Stuff for blog.cr4.sh website

4 40

PowerShell-Suite

My musings with PowerShell

Language:PowerShellBSD-3-Clause3 20

chipsec

Platform Security Assessment Framework

Language:CGPL-2.02 20

portage

Portage Package Manager - this is just a mirror, see https://wiki.gentoo.org/wiki/Project:Portage#Contributing_to_Portage

Language:PythonGPL-2.02 30

vmlinux-to-elf

A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)

Language:PythonGPL-3.01 10