pwntools – CTF Framework & Exploit Development Library

Keep on Guard!


pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible.

pwntools - CTF Framework & Exploit Development Library

Command-line frontends for some of the functionality are available:

  • asm/disasm: Small wrapper for various assemblers.
  • constgrep: Tool for finding constants defined in header files.
  • cyclic: De Bruijn sequence generator and lookup tool.
  • hex/unhex: Command line tools for doing common hexing/unhexing operations.
  • shellcraft: Frontend to our shellcode.
  • phd: Replacement for hexdump with colors.

Usage

Requirements

pwntools is best supported on Ubuntu 12.04 and 14.04, but most functionality should work on any Posix-like distribution (Debian, Arch, FreeBSD, OSX, etc.).

Most of the functionality of pwntools is self-contained and Python-only. You should be able to get running quickly with:

However, some of the features (ROP generation and assembling/disassembling foreign architectures) require non-Python dependencies. For more information, see the complete installation instructions here.

You can download pwntools here:

2.2.0.zip

Or read more here.

Posted in: Exploits/Vulnerabilities

,


Latest Posts:


Spaghetti Download - Web Application Security Scanner Spaghetti Download – Web Application Security Scanner
Spaghetti is an Open-source Web Application Security Scanner, it is designed to find various default and insecure files, configurations etc.
Taringa Hack - 27 Million User Records Leaked Taringa Hack – 27 Million User Records Leaked
The Taringa hack is actually one of the biggest leaks of the year with 27 million weakly hashed passwords breached, but it's not often covered in the West.
A2SV - Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed
A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.
VHostScan - Virtual Host Scanner With Alias & Catch-All Detection VHostScan – Virtual Host Scanner With Alias & Catch-All Detection
VHostScan is a Python-based virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
Equifax Hack Blamed On Single Employee Equifax Hack Blamed On Single Employee
We wrote about the Equifax Hack, Data Breach and Leak last month, which happened due to a flaw in Apache Struts that for some reason hadn't been patched.
LOIC Hivemind - Low Orbit Ion Cannon LOIC Download – Low Orbit Ion Cannon DDoS Booter
LOIC Download below - Low Orbit Ion Cannon is an Open Source Stress Testing and Denial of Service (DoS or DDoS) attack application written in C#.


Comments are closed.