projects
- buffer overflow lab https://github.com/peterpeerdeman/buffer-overflow-lab/tree/master/exploit-rust
kpcyrd codebases
- https://github.com/kpcyrd/sn0int - the project I spent most of my recent time on. I wasn’t fully satisfied with other recon tools and I had some opinions, so I started to write my own
- https://github.com/kpcyrd/sniffglue - I used tcpdump a lot but thought the output could be a bit friendlier. Also, Wireshark has vulnerabilities quite frequently and tcpdump occasionally has some too
- https://github.com/kpcyrd/boxxy-rs - this is the closest to actual exploit development I have, I got into an argument with a friend about my sandboxing work in sniffglue and ended up writing a shell that can be compiled into other projects so you can inspect the process/sandbox from the inside. It has some features that other comments claimed would be hard, like executing shell code.
- https://github.com/kpcyrd/badtouch - this is basically a brute-force framework, and Rust is used to abstract concurrency and other boilerplate. During one assessment I could max out an AWS outscaling group with this.
- https://github.com/kpcyrd/rshijack - a Rust rewrite of a C tool to hijack TCP connections; I later added additional features
- https://github.com/kpcyrd/burritun - this was a one-off to get a tool to work over OpenVPN that couldn’t deal with tun devices on its own
- https://github.com/kpcyrd/progpick - nothing too exciting, but generates permutations in case you forgot some details in a password
- https://github.com/kpcyrd/defcon26-pow - the original script was in single-threaded Python, so I ended up rewriting it in multi-threaded Rust, which allowed our team to enter almost every challenge instantly.
- https://github.com/Gymmasssorla/anevicon by u/Gymmasssorla.
trickster0 codebases
- https://github.com/trickster0/OffensiveRust
- UDPlant - Basically a UDP reverse shell
- EDR Detector - Detects the EDRs installed on the system based on the .sys files present
- Lenum - A simple Unix enumeration tool