QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

A generic C++ API for SMT solving. It provides abstract classes which can be implemented by different SMT solvers.

The automated prompt injection framework for LLM-integrated applications.

Fuzz Introspector -- introspect, extend and optimise fuzzers

OSS-Fuzz - continuous fuzzing for open source software.

🦜🔗 The platform for reliable agents.

A pre-commit hook for Ruff.

SWE-agent takes a GitHub issue and tries to automatically fix it, using your LM of choice. It can also be employed for offensive cybersecurity or competitive coding challenges. [NeurIPS 2024]

ConvoKit is a toolkit for extracting conversational features and analyzing social phenomena in conversations. It includes several large conversational datasets along with scripts exemplifying the u…

Repo with random useful scripts, utilities, prompts and stuff

AFLNet: A Greybox Fuzzer for Network Protocols (https://thuanpv.github.io/publications/AFLNet_ICST20.pdf)

BEERUS Framework for Android

DSPy: The framework for programming—not prompting—language models

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Prompt Injection Primer for Engineers

A collection of my Frida instrumentation scripts to reverse engineer mobile apps and more.

Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to clo…

Coverage-guided grammar aware fuzzer that uses grammar automatons

Ultralightweight JSON parser in ANSI C

PromeFuzz: A Knowledge-Driven Approach to Fuzzing Harness Generation with Large Language Models

The best tool for finding one gadget RCE in libc.so.6

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

Fully dockerized Linux kernel debugging environment

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

A repository for learning various heap exploitation techniques.

Kaitai Struct: declarative language to generate binary data parsers in C++ / C# / Go / Java / JavaScript / Lua / Nim / Perl / PHP / Python / Ruby / Rust

Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc