Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.

Related tags

Security related resourcesreverse-engineeringwindows-kernelidaida-pluginidapythonwindows-driverdriver-exploitation
Overview

Driver Buddy Reloaded Quickstart

Table of Contents

  1. Installation
  2. Usage
  3. About Driver Buddy Reloaded
    1. Finding DispatchDeviceControl
    2. Labelling WDM & WDF Structures
    3. Finding & Decoding IOCTL Codes
    4. Flagging Functions
    5. Finding DeviceName
    6. Dumping Pooltags
  4. Known Caveats & Limitations
  5. Credits & Acknowledgements

Installation

Copy DriverBuddyReloaded folder and DriverBuddyReloaded.py file into the IDA plugins folder ( e.g. C:\Program Files (x86)\IDA 7\plugins\) or wherever you have installed IDA.

Usage

To use the auto-analysis feature:

  1. Start IDA and load a Windows kernel driver.
  2. Go to Edit -> Plugins -> Driver Buddy Reloaded or press CTRL+ALT+A to start the auto-analysis.
  3. Check the "Output" window for the analysis results.

To decode an IOCTLs:

  1. Place the mouse cursor on the line containing a suspected IOCTL code.
  2. Right-click and select Driver Buddy Reloaded -> Decode IOCTL; alternatively press CTRL+ALT+D.

About Driver Buddy Reloaded

Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks. It has a number of handy features, such as:

  • Identifying the type of the driver
  • Locating DispatchDeviceControl / DispatchInternalDeviceControl functions
  • Populating common structures for WDF and WDM drivers
    • Attempts to identify and label structures like the IRP and IO_STACK_LOCATION
    • Label calls to WDF functions that would normally be unlabeled
  • Finding and decoding IOCTL codes
  • Flagging functions prone to misuse
  • Finding potential DeviceName
  • Dumping Pooltags

Finding DispatchDeviceControl

The tool can automatically locate and identify the DispatchDeviceControl routine. This function is used to route all incoming DeviceIoControl codes to the specific driver function associated with that code. Automatically identifying this function makes finding the valid DeviceIoControl codes for each driver much quicker. Additionally, when investigating possible vulnerabilities in a driver due to a crash, knowing the location of this function helps narrow the focus to the specific function call associated with the crashing DeviceIoControl code.

When the analysis is successful some subs will be renamed as follow:

  • DriverEntry: the original first driver-supplied routine that is called after a driver is loaded. It is responsible for initializing the driver.
  • Real_Driver_Entry: usually the function where the execution from DriverEntry has been transferred to. It is usually where the DeviceName is initialized.
  • DispatchDeviceControl/DispatchInternalDeviceControl: if the tool was able to recover the functions at some specific offsets, the functions will then be renamed with the appropriate name.
  • Possible_DispatchDeviceControl_#: if the tool was not able to recover DispatchDeviceControl or DispatchInternalDeviceControl, it employs an experimental searching, following the execution flow, and checking for cases where the function is loading known IO_STACK_LOCATION & IRP addresses; indicating that the function could be the DispatchDeviceControl. As it is based on heuristic, it could return more than one result, and it is prone to false positives.

Labelling WDM and WDF Structures

Several driver structures are shared among all WDM/WDF drivers. The tool is able to automatically identify these structures, such as the IO_STACK_LOCATION, IRP, and DeviceObject structures and can help save time during the reverse engineering process and provide context to areas of the driver where these functions are in use.

Finding and Decoding IOCTL Codes

While reversing drivers, it is common to come across IOCTL codes as part of the analysis. These codes, when decoded, reveal useful information and may draw focus to specific parts of the driver where vulnerabilities are more likely to exist.

By right-clicking on a potential IOCTL code, a context menu option is presented (alternatively using the Ctrl+Alt+D shortcut when the cursor is on the line containing a suspected IOCTL code) and can be used to decode the value. This will print out a table with all decoded IOCTL codes. By right-clicking on a decoded IOCTL code, in the disassembly view, it's possible to mark it as invalid; this will leave any non-IOCTL comment intact.

If you right-click on the first instruction of the function you believe to be the IOCTL dispatcher ( DispatchDeviceControl/DispatchInternalDeviceControl/Possible_DispatchDeviceControl_#) under the Driver Buddy Reloaded menu, a “Decode All” option appears, this attempt to decode all the IOCTL codes it can find in the function. This is a bit hacky but most of the time it can speed things up.

Flagging Functions

Driver Buddy Reloaded has a list of C/C++ functions and opcodes as well as Windows API that are commonly vulnerable or that can facilitate buffer overflow conditions. All found instances are reported back during the auto-analysis and can help while looking for possible user-controlled code paths reaching sensitive functions.

Finding DeviceName

The tool automatically attempts to find the drivers registered device paths (DeviceName), if no paths can be found by looking at Unicode strings inside the binary, then the analyst can manually try to use Madiant’s FLOSS in an attempt to find obfuscated paths.

Dumping Pooltags

During the auto-analysis, the tool also dumps the Pooltags used by the binary in a format that works with pooltags.txt. The output can then be copy-pasted at the end of the file and later picked up by WinDbg.

Known Caveats and Limitations

  • Experimental DispatchDeviceControl searching works only for x64 drivers
  • Shortcuts are incompatible with F-Secure's win_driver_plugin

Credits and Acknowledgements

  • Created in 2021 by Paolo Stagno aka @Void_Sec:
    • Made it compatible with Python 3.x
    • Made it compatible with IDA 7.x
    • Updated C/C++ function and Windows APIs list
    • Various bug fixing
    • Various improvements
    • Integrated part of the functionalities presents in F-Secure's win_driver_plugin
  • DriverBuddy was originally written by Braden Hollembaek and Adam Pond of NCC Group.
  • Using Satoshi Tanda's IOCTL decoder.
  • The WDF functions struct is based on Red Plait's work and was ported to IDA Python by Nicolas Guigo, later updated by Braden Hollembaek and Adam Pond.
  • Using Sam Brown's F-Secure win_driver_plugin to retrieve device name and pool tags, specifically Alexander Pick fork.
  • The original code for adding items to the right-click menu (and possibly some other random snippets) came from 'herrcore'.
Comments
  • [BUG] IOCTLs with less than 10 decimal digits aren't found

    [BUG] IOCTLs with less than 10 decimal digits aren't found

    Describe the bug Any IOCTL with a code that has less than 10 decimal digits (e.g. 0x222003) won't be found by the current code.

    Expected behavior All IOCTLs should be found

    Desktop (please complete the following information):

    • OS and version: Windows 10 21H2 (19044.1586)
    • IDA version: IDA 7.7 SP1
    • DriverBuddyReloaded Version: latest (1.3)
    • Python Version: 3.9.5
    bug help wanted 
    opened by eranzim 7
  • [BUG] module 'idaapi' has no attribute 'compiled_binpat_vec_t'

    [BUG] module 'idaapi' has no attribute 'compiled_binpat_vec_t' 

    Traceback (most recent call last):
  File "C:/Program Files/IDA 7.0/plugins/DriverBuddyReloaded.py", line 465, in run
    driver_type = utils.get_driver_id(driver_entry_addr, log_file)
  File "C:/Program Files/IDA 7.0/plugins\DriverBuddyReloaded\utils.py", line 209, in get_driver_id
    populate_wdf()
  File "C:/Program Files/IDA 7.0/plugins\DriverBuddyReloaded\wdf.py", line 102, in populate_wdf
    binpat = idaapi.compiled_binpat_vec_t()
AttributeError: module 'idaapi' has no attribute 'compiled_binpat_vec_t'

    Version 7.5.201028 Windows x64 (64-bit address size)

    7.6 minimum required?

    bug 
    opened by neobenedict 6
  • [BUG] WDF Structures

    [BUG] WDF Structures

    In commit https://github.com/VoidSec/DriverBuddyReloaded/commit/43eba17ae4eaa9fca8fbaab42a8e3c273676bdf0 I've finished updating IDA's APIs and fixing breaking code changes.

    Unfortunately, despite the script is not breaking anymore, it seems that it still fails this condition at: https://github.com/VoidSec/DriverBuddyReloaded/blob/43eba17ae4eaa9fca8fbaab42a8e3c273676bdf0/DriverBuddyReloaded/wdf.py#L770

    for a reason that, at the moment, is unknown. The logic behind https://github.com/VoidSec/DriverBuddyReloaded/blob/main/DriverBuddyReloaded/wdf.py is pretty "hacky" and somewhat "obscure". In addition to that, I'm not sure that the logic detecting the WDF version at https://github.com/VoidSec/DriverBuddyReloaded/blob/43eba17ae4eaa9fca8fbaab42a8e3c273676bdf0/DriverBuddyReloaded/wdf.py#L759 makes complete sense.

    We should also update the WDF structures in order to include updated ones and keep them updated as I'm pretty sure the latest WDF version is >= 1.13.

    bug help wanted 
    opened by VoidSec 4
  • [BUG] `parse_binpat_str` expected at least 4 arguments

    [BUG] `parse_binpat_str` expected at least 4 arguments

    Describe the bug When I try to decode cdrom.sys, it will occur python warning.

    To Reproduce Steps to reproduce the behavior:

    1. use ida to reverse cdrom.sys
    2. Ctrl+Alt+A
    Traceback (most recent call last):
  File "C:/Users/raven/Desktop/ida77sp1/x64_idapronw_hexarm64w_hexarmw_hexmipsw_hexppc64w_hexppcw_hexx64w_hexx86w_220118/plugins/DriverBuddyReloaded.py", line 466, in run
    driver_type = utils.get_driver_id(driver_entry_addr, log_file)
  File "C:/Users/raven/Desktop/ida77sp1/x64_idapronw_hexarm64w_hexarmw_hexmipsw_hexppc64w_hexppcw_hexx64w_hexx86w_220118/plugins\DriverBuddyReloaded\utils.py", line 205, in get_driver_id
    populate_wdf()
  File "C:/Users/raven/Desktop/ida77sp1/x64_idapronw_hexarm64w_hexarmw_hexmipsw_hexppc64w_hexppcw_hexx64w_hexx86w_220118/plugins\DriverBuddyReloaded\wdf.py", line 753, in populate_wdf
    idx = ida_bytes.bin_search(ea, idaapi.BADADDR, ida_bytes.parse_binpat_str("KmdfLibrary"),
  File "C:\Users\raven\Desktop\ida77sp1\x64_idapronw_hexarm64w_hexarmw_hexmipsw_hexppc64w_hexppcw_hexx64w_hexx86w_220118\python\3\ida_bytes.py", line 3903, in parse_binpat_str
    return _ida_bytes.parse_binpat_str(*args)
TypeError: parse_binpat_str expected at least 4 arguments, got 1

    Expected behavior

    Screenshots If applicable, add screenshots to help explain your problem.

    Desktop (please complete the following information):

    • OS and version: Windows 11
    • IDA version IDA 7.7
    • DriverBuddyReloaded Version: HEad
    • Python Version 3.9

    Additional context Add any other context about the problem here.

    bug 
    opened by loveraven42 3
  • DriverBuddy entry does not shown in plugins menu

    DriverBuddy entry does not shown in plugins menu

    I use IDA Pro 7.6 and Python 3.10, after copying the folder and py script, it should be appeared in Edit->Plugins, but I cannot see the plugin listed?, exact for which IDA and Python versions, will this work?

    bug 
    opened by prksastry 2
  • [BUG] find opcode

    [BUG] find opcode

    find opcode sometimes print out opcodes not related with the searching

    [>] Searching for interesting opcodes...
	- Found mov     al, [rdi+rcx] in sub_231C4 at 0x0002327d
    bug 
    opened by VoidSec 1
  • feat: add addresses where finding IOCTLs

    feat: add addresses where finding IOCTLs

    It will become more convinient to have addresses where we find IOCTLs.

    Get

    [>] Searching for IOCTLs found by IDA...
0x14000b6e8        : 0x2D1400   | FILE_DEVICE_MASS_STORAGE        0x2D       | 0x500      | METHOD_BUFFERED   0    | FILE_ANY_ACCESS (0)

    instead of

    [>] Searching for IOCTLs found by IDA...
0x2D1400   | FILE_DEVICE_MASS_STORAGE        0x2D       | 0x500      | METHOD_BUFFERED   0    | FILE_ANY_ACCESS (0)
    opened by zeze-zeze 0
  • [BUG] TypeError: %d format: a number is required, not struc_t

    [BUG] TypeError: %d format: a number is required, not struc_t 

    Failed while executing plugin_t.run():
Traceback (most recent call last):
  File "D:/IDA/plugins/DriverBuddyReloaded.py", line 466, in run
    driver_type = utils.get_driver_id(driver_entry_addr, log_file)
  File "D:\IDA/plugins\DriverBuddyReloaded\utils.py", line 209, in get_driver_id
    populate_wdf()
  File "D:\IDA/plugins\DriverBuddyReloaded\wdf.py", line 759, in populate_wdf
    id = add_struct(version)
  File "D:\IDA/plugins\DriverBuddyReloaded\wdf.py", line 50, in add_struct
    idc.add_struc_member(struc, "pfnWdfChildListCreate", idc.BADADDR, idc.FF_DATA | FF_PTR, None, ptr_size)
  File "D:\IDA\python\3\idc.py", line 3919, in add_struc_member
    return eval_idc('add_struc_member(%d, "%s", %d, %d, %d, %d);' % (sid, ida_kernwin.str2user(name or ""), offset, flag, typeid, nbytes))
TypeError: %d format: a number is required, not struc_t
    bug help wanted 
    opened by VoidSec 0
  • [BUG] TypeError: in method 'get_struc', argument 1 of type 'ea_t'

    [BUG] TypeError: in method 'get_struc', argument 1 of type 'ea_t'

    Testing cdrom.sys

    Failed while executing plugin_t.run():
Traceback (most recent call last):
  File "D:/IDA/plugins/DriverBuddyReloaded.py", line 466, in run
    driver_type = utils.get_driver_id(driver_entry_addr, log_file)
  File "D:\IDA/plugins\DriverBuddyReloaded\utils.py", line 208, in get_driver_id
    populate_wdf()
  File "D:\IDA/plugins\DriverBuddyReloaded\wdf.py", line 759, in populate_wdf
    id = add_struct(version)
  File "D:\IDA/plugins\DriverBuddyReloaded\wdf.py", line 45, in add_struct
    idc.del_struc(idaapi.get_struc(id))
  File "D:\IDA\python\3\idc.py", line 3855, in del_struc
    s = ida_struct.get_struc(sid)
  File "D:\IDA\python\3\ida_struct.py", line 532, in get_struc
    return _ida_struct.get_struc(*args)
TypeError: in method 'get_struc', argument 1 of type 'ea_t'
    bug 
    opened by VoidSec 0
  • Fix use of non working function

    Fix use of non working function

    Fixed using ida_bytes.bin_search with parse_binpat_str.

    I tried to find out how to use the ida_bytes.bin_search function and parse_binpat_str and the only thing I could find was this, as soon as I found out how use it I sent this pr

    opened by harelon 0
  • Adding deprecated functions

    Adding deprecated functions

    Added deprecated/banned/dangerous functions to the list, based on existing entries and on: https://github.com/x509cert/banned/blob/master/banned.h https://github.com/tpn/winsdk-10/blob/master/Include/10.0.16299.0/shared/dontuse.h

    enhancement 
    opened by eranzim 0
  • [FEATURE] enumeration of MajorCodes

    [FEATURE] enumeration of MajorCodes

    It will be useful add the enumeration of MajorCodes

    enum Major_Codes { IRP_MJ_CREATE = 0x0, IRP_MJ_CREATE_NAMED_PIPE = 0x1, IRP_MJ_CLOSE = 0x2, IRP_MJ_READ = 0x3, IRP_MJ_WRITE = 0x4, IRP_MJ_QUERY_INFORMATION = 0x5, IRP_MJ_SET_INFORMATION = 0x6, IRP_MJ_QUERY_EA = 0x7, IRP_MJ_SET_EA = 0x8, IRP_MJ_FLUSH_BUFFERS = 0x9, IRP_MJ_QUERY_VOLUME_INFORMATION = 0xA, IRP_MJ_SET_VOLUME_INFORMATION = 0xB, IRP_MJ_DIRECTORY_CONTROL = 0xC, IRP_MJ_FILE_SYSTEM_CONTROL = 0xD, IRP_MJ_DEVICE_CONTROL = 0xE, IRP_MJ_INTERNAL_DEVICE_CONTROL = 0xF, IRP_MJ_SHUTDOWN = 0x10, IRP_MJ_LOCK_CONTROL = 0x11, IRP_MJ_CLEANUP = 0x12, IRP_MJ_CREATE_MAILSLOT = 0x13, IRP_MJ_QUERY_SECURITY = 0x14, IRP_MJ_SET_SECURITY = 0x15, IRP_MJ_QUERY_POWER = 0x16, IRP_MJ_SET_POWER = 0x17, IRP_MJ_DEVICE_CHANGE = 0x18, IRP_MJ_QUERY_QUOTA = 0x19, IRP_MJ_SET_QUOTA = 0x1A, IRP_MJ_PNP_POWER = 0x1B, IRP_MJ_MAXIMUM_FUNCTION = 0x1C, };

    If this enumeration exists in localtypes and is syncronized, you can press M in the code numbers and add the MJ function name.

    This can be converted to

    NTSTATUS __stdcall DriverEntry(_DRIVER_OBJECT *DriverObject, PUNICODE_STRING RegistryPath) { int v3; // ebx _QWORD *v4; // rcx __int64 v5; // rax struct _UNICODE_STRING DestinationString; // [rsp+40h] [rbp-28h] BYREF struct _UNICODE_STRING SymbolicLinkName; // [rsp+50h] [rbp-18h] BYREF PDEVICE_OBJECT DeviceObject; // [rsp+70h] [rbp+8h] BYREF

    DriverObject->MajorFunction[0] = (PDRIVER_DISPATCH)&Possible_DispatchDeviceControl_0; DriverObject->MajorFunction[2] = (PDRIVER_DISPATCH)&Possible_DispatchDeviceControl_0; DriverObject->MajorFunction[14] = (PDRIVER_DISPATCH)&Possible_DispatchDeviceControl_0; DriverObject->DriverStartIo = 0i64; DriverObject->DriverUnload = (PDRIVER_UNLOAD)sub_11520;

    to

    NTSTATUS __stdcall DriverEntry(_DRIVER_OBJECT *DriverObject, PUNICODE_STRING RegistryPath) { int v3; // ebx _QWORD *v4; // rcx __int64 v5; // rax struct _UNICODE_STRING DestinationString; // [rsp+40h] [rbp-28h] BYREF struct _UNICODE_STRING SymbolicLinkName; // [rsp+50h] [rbp-18h] BYREF PDEVICE_OBJECT DeviceObject; // [rsp+70h] [rbp+8h] BYREF

    DriverObject->MajorFunction[IRP_MJ_CREATE] = (PDRIVER_DISPATCH)&Possible_DispatchDeviceControl_0; DriverObject->MajorFunction[IRP_MJ_CLOSE] = (PDRIVER_DISPATCH)&Possible_DispatchDeviceControl_0; DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = (PDRIVER_DISPATCH)&Possible_DispatchDeviceControl_0; DriverObject->DriverStartIo = 0i64;

    Thanks for a good tool

    enhancement help wanted 
    opened by ricnar456 1
  • [FEATURE] Print the address where IOCTLs have been found

    [FEATURE] Print the address where IOCTLs have been found

    At the moment the table being printed does not contain the function/address where the specific "dumb" IOCTL values have been found. Adding it to the output will improve the navigability and augment the information value

    enhancement help wanted 
    opened by VoidSec 0
  • [FEATURE] Some pooltags aren't recognized

    [FEATURE] Some pooltags aren't recognized

    Describe the bug Pooltags which aren't immediate values in the correct place, but possibly propagated via a register, aren't found. Example code snippet:

    ...
mov     ebp, 'ABCD'
mov     rdx, rax        ; NumberOfBytes
mov     r8d, ebp        ; Tag
call    cs:ExAllocatePoolWithTag

    Expected behavior All Pooltags should be found

    Desktop (please complete the following information):

    • OS and version: Windows 10 21H2 (19044.1586)
    • IDA version: IDA 7.7 SP1
    • DriverBuddyReloaded Version: latest (1.3)
    • Python Version: 3.9.5
    enhancement help wanted 
    opened by eranzim 3
Releases(1.6)
Owner
Paolo 'VoidSec' Stagno
Offensive Security Researcher & Exploit Developer
Paolo 'VoidSec' Stagno
GitHub Repository https://voidsec.com/driver-buddy-reloaded
Metal Gear Online 2 (MGO2) stage files decryption

Metal Gear Online 2 decryption tool Metal Gear Online 2 (MGO2) has an additional layer of encryption for stage files. I was not able to find info abou

4 Sep 02, 2022
Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ

Steven Black 22.1k Jan 02, 2023
Complet and easy to run Port Scanner with Python

Port_Scanner Complet and easy to run Port Scanner with Python Installation 1- git clone https://github.com/s120000/Port_Scanner 2- cd Port_Scanner 3-

1 May 19, 2022
Pass2Pwn: a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name

Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name

Nirmal Dahal 10 Oct 15, 2022
Docker Compose based system for running remote browsers (including Flash and Java support) connected to web archives

pywb Remote Browsers This repository provides a simple configuration for deploying any pywb with remote browsers provided by OWT/Shepherd Remote Brows

Webrecorder 10 Jul 28, 2022
Directory Traversal in Afterlogic webmail aurora and pro

CVE-2021-26294 Exploit Directory Traversal in Afterlogic webmail aurora and pro . Description: AfterLogic Aurora and WebMail Pro products with 7.7.9 a

Ashish Kunwar 8 Nov 09, 2022
Volunteer & Campaign Management System

Cleansweep Requirements A Linux (or Mac OS X) node with the following software installed. Ubuntu 14.04 is preferred. PostgreSQL 9.3 database server Py

Aam Aadmi Party 39 May 24, 2022
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.

DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.

2 Feb 05, 2022
Proof on Concept Exploit for CVE-2021-38647 (OMIGOD)

OMIGOD Proof on Concept Exploit for CVE-2021-38647 (OMIGOD) For background information and context, read the our blog post detailing this vulnerabilit

Horizon 3 AI Inc 231 Nov 12, 2022
A great and handy python obfuscator for protecting code.

Python Code Obfuscator A handy and necessary tool that can protect your code anytime! Mostly Command Line tool that will obfuscate your code. Features

Karim 5 Nov 18, 2022
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

This project is no longer maintained March 2020 Update: Please go see the amazing Pysa tutorial that should get you up to speed finding security vulne

2.1k Dec 25, 2022
These are Simple python scripts to test/scan your network

Disclaimer This tool is for Educational purpose only. We do not promote or encourage any illegal activities. Summary These are Simple python scripts t

Varun Jagtap 5 Oct 08, 2022
A quick script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor

Invisible Backdoor Detector is a little Python script that allows you to spot and remove Bidi characters that could lead to an invisible backdoor. If you don't know what that is you should check the

SecSI 28 Dec 29, 2022
Automatic ProxyShell Exploit

proxyshell-auto usage: proxyshell.py [-h] -t T Automatic Exploit ProxyShell optional arguments: -h, --help show this help message and exit -t T

lulz 93 Jan 05, 2023
This is a keylogger in python for Windows, Mac and Linux!

Python-Keylogger This is a keylogger in python for Windows, Mac and Linux! #How to use it by downloading the zip file? Download the zip file first The

Zeus_Dxvxm 2 Nov 12, 2021
Chromepass - Hacking Chrome Saved Passwords

Chromepass - Hacking Chrome Saved Passwords and Cookies View Demo · Report Bug · Request Feature Table of Contents About the Project AV Detection Gett

darkArp 622 Jan 04, 2023
Program that mathematically generates and validates CPF numbers

✔️ Gerador e Validador de CPF Programa que gera e valida números de CPF Requisitos • Como usar • Capturas de Tela Requisitos Antes de começar, você va

João Victor Vilela dos Santos 1 Nov 07, 2021
MassStringer, CTF Flag Finder

massStringer MassStringer, CTF Flag Finder Usage: python3 massStringer.py Enter absolute path of the directory to scan for flags Edit "flag = re.searc

SuperTsumu 4 Sep 06, 2022
SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)

Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi

Jake Baines 80 Dec 29, 2022
PyExtractor is a decompiler that can fully decompile exe's compiled with pyinstaller or py2exe

PyExtractor is a decompiler that can fully decompile exe's compiled with pyinstaller or py2exe with additional features such as malware checker/detector! Also checks file(s) for suspicious words, dis

Rdimo 56 Jul 31, 2022