Here i'll publish some rudimentary tools i made for vulnerability research and reverse engineering tasks for IoT routers.
pocs :
- audit/py_permission_checker : Script parsing
ls -lRoutput and returning interesting security info, for example the list of files owned by root with write or read permissions to others - vuln_scanners : script automazing bulk-mode binary vulnerability scanners, for example binabsinspector
- Cross compilation notes
- ltrace_guide : Compile ltrace statically for arm-v7
- procdump.min : Minimal process dump memory C code without using 'process_vm_readv' syscall and so ideal for old kernels
grep:
- distrib_grep.sh : do poor string distribution
gdb :
- load_library_inject.gdb : example on how to load a library inside the debeguee process memory address
helpers :
- various notes and helpers
hooks :
- hook templates
ida :
- make_data_from_to.py : Define an array of some type
- search_opcode_and_syscall : Reconstruct the association of names to syscall numbers n32 ABI, usefull for static binary compiled with different ABI syscall
- IDC plugins to support OSED exam preparation, some of the scripts are simplified port of devttyS0 IDAPython plugins
- Various scripts related to qemu user-mode emulation and gdb-multiarch debugging
- Rudimentary scripts to do stuff related to filesystem diff and binary diff
- Create filesystem graph and return a list of non-shared object ELF calling an external function which in turn calls a function that you're interested