If you made it all the way here, you might as well check out some of my projects andwhere I blog 😊. Oh, and if you want to say hi, come hangout on theDiary of a reverse-engineer's discord:invite!

• wtf: A distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows,
• windbg-scripts: A collection of JavaScript debugger extensions for WinDbg,
• kdmp-parser /udmp-parser: C++ libraries to parse Windows kernel and usermode dumps (udmp-parser-rs /kdmp-parser-rs for Rust crates),
• 🔮 clairvoyance: Visualize the virtual address space of a Windows process on a Hilbert curve,
• symbolizer-rs: A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries,
• SiC: Enumerate user mode shared memory mappings on Windows,
• KEPaboo: Neutralize KEPServerEX anti-debugging techniques,
• rp-bf.rs: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump,
• Various CVE PoCs fortcpip.sys (CVE-2021-24086),http.sys (CVE-2021-31166), Hyper-V (CVE-2021-28476), Realtek'sRTKVHD64.sys driver (CVE-2021-32537) and the Mozilla browser (CVE-2022-28281),
• Modern Debugging with WinDbg Preview: Workshop that@hugsy and I ran during Defcon 27.

• Paracosme: Zero-click remote memory corruption exploit that compromises ICONICS Genesis64 (Pwn2Own Miami 2022),
• Longue vue: Over-the-web remote compromise exploit chain for NETGEAR DGND3700v2 devices,
• Zenith: Remote kernel exploit for the TP-Link AC1750 Smart Wi-Fi Router (Pwn2Own Austin 2021),
• Pwn2Own Miami 2023: Writeups/PoCs for bugs I found while preparing for Pwn2Own Miami 2023 targeting UaGateway in the OPC UA Server category,
• CVE-2019-11708: Full chain for CVE-2019-11708 & CVE-2019-9810,
• CVE-2019-9810: RCE exploit for Firefox on Windows.

• rp: A fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM binaries,
• z3-playground: A bunch of Z3-python scripts that can be used as examples, reminders, etc.
• Theorem prover, symbolic execution and practical reverse-engineering: Presentation I gave in Lille, France in 2015,
• teesee-calc: A simple web application that allows you to visualize and compare total compensation packages.

Popular repositoriesLoading

1. rprpPublic

   rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.

   C++ 2.1k 268

2. wtfwtfPublic

   wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m…

   C++ 1.7k 143

3. CVE-2021-31166CVE-2021-31166Public archive

   Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.

   Python 832 139

4. CVE-2019-11708CVE-2019-11708Public archive

   Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

   JavaScript 623 79

5. stuffzstuffzPublic

   Basically a script thrift shop

   C 589 126

6. windbg-scriptswindbg-scriptsPublic

   A bunch of JavaScript extensions for WinDbg.

   JavaScript 356 48