All tools

Firmware and file analysis tool that scans for embedded files and extracts hidden archives.

Stack-based buffer overflow workflow: fuzz, find the offset, control EIP, find bad chars, locate a JMP ESP, and get a shell.

Quick report of binary security mitigations (RELRO, stack canary, NX, PIE, Fortify).

Fast TCP/UDP tunnel over HTTP(S) for pivoting through compromised hosts when SSH is unavailable.

Identify file types from magic bytes — essential before choosing exploit, extraction, or analysis tools.

GNU debugger for binary analysis with GEF or Pwndbg for heap, registers, and exploit-oriented views.

Advanced pivoting via TUN interface and agent — cleaner routing than SOCKS for multi-host internal scans.

Enumeration and escalation paths to go from a low-privilege shell to root on Linux during authorized engagements.

Modular exploitation framework for scanning, exploiting, and post-exploitation with msfconsole, handlers, and msfvenom.

Generate and encode standalone payloads (reverse shells, shellcode, MSI/EXE/ELF) for authorized exploitation.

Expose local services to the internet for reverse shells, webhooks, and phishing callbacks during authorized tests.

Disassemble ELF binaries, inspect sections, symbols, and relocations for exploit development.

Python library for exploit development, remote/local process interaction, and ROP/shellcode workflows.

Classic ROP gadget finder with --ropchain auto-generation for simple execve/sh chains.

ROP gadget search tool supporting ELF/PE with semantic filtering and chain building helpers.

Transparent proxy/VPN over SSH — route subnets through a compromised SSH host without modifying sshd config.

Extract printable strings from binaries and dumps to find URLs, flags, passwords, and error messages.

Enumeration and escalation paths from a low-privilege Windows user to SYSTEM or Administrator on authorized engagements.