微舆：人人可用的多Agent舆情分析助手，打破信息茧房，还原舆情原貌，预测未来走向，辅助决策！从0实现，不依赖任何框架。

SWE-agent takes a GitHub issue and tries to automatically fix it, using your LM of choice. It can also be employed for offensive cybersecurity or competitive coding challenges. [NeurIPS 2024]

CTF framework and exploit development library

Exploitation Framework for Embedded Devices

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

A powerful and user-friendly binary analysis platform!

CTFs as you need them

A True Instrumentable Binary Emulation Framework

Scalable fuzzing infrastructure.

DeepAudit：人人拥有的 AI 黑客战队，让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行，自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ，一键生成报告。支持中转站。​让安全不再昂贵，让审计不再复杂。

This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC, MIPS, RISC-V 64, a…

Loki - Simple IOC and YARA Scanner

IDA plugin which queries language models to speed up reverse-engineering

One of a few malware collections on the GitHub.

A fork and successor of the Sulley Fuzzing Framework

LLM powered fuzzing via OSS-Fuzz.

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports.

FuzzBench - Fuzzer benchmarking as a service.

Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems

Provides automated reverse engineering assistance through the use of local large language models (LLMs) on consumer hardware.

A Course on Intermediate Level Linux Exploitation

FirmWire is a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares

Cuckoo3 is a Python 3 open source automated malware analysis system.

the Network Protocol Fuzzer that we will want to use.

The 'exploitable' GDB plugin

AI-powered workflow automation and AI Agents platform for AppSec, Fuzzing & Offensive Security. Automate vulnerability discovery with intelligent fuzzing, AI-driven analysis, and a marketplace of s…

A decompiler-agnostic plugin for interacting with AI in your decompiler. GPT-4, Claude, and local models supported!

Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge.