CTF-All-In-One

This is a repository for a book titled "CTF-All-In-One" by firmianay. The book is a comprehensive guide to CTF Capture The Flag competitions, covering various topics such as Linux, Web security, reverse engineering, and cryptography. The repository contains the source code and materials for the...

hackingtool

This is an offensive tool for penetration testing and hacking. It is a collection of various tools for different types of attacks, including information gathering, web attacks, SQL injection, phishing, and more. The tool is written in Python and is designed to be run on Linux systems, including...

pwntools

This is a CTF framework and exploit development library. It is a Python library for exploit development and reverse engineering. The library provides a set of tools for creating and executing exploits, as well as for analyzing and debugging binary files. The library is designed to be extensible a...

hackingtool-v5.1

All in One Hacking tool For Hackers🥇 !https://img.shields...

hackingtool

This is an all-in-one hacking tool for hackers, written in Python. The tool is designed to be run on Linux, Kali Linux, or Parrot OS. It provides a menu-driven interface for various hacking tasks, including information gathering, wireless attacks, SQL injection, phishing, web attacks,...

CVE-2025-55619

Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering...

CVE-2025-55619

Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering...

CVE-2025-55619

Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering...

CVE-2025-55619

Summary: CVE-2025-55619 affects the Reolink Android app (version 4.54.0.4.20250526). The root cause is a hardcoded encryption key and IV, which attackers can leverage to decrypt access tokens and web session tokens stored in the app via reverse engineering. This vulnerability has a high impact (C...

CVE-2025-54464

This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted credentials...

CVE-2025-54464

This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted credentials...

CVE-2025-54464

The CVE-2025-54464 entry concerns ZKTeco WL20. The vulnerability is described as cleartext storage of admin and user credentials within the device firmware. An attacker with physical access could extract the firmware, reverse‑engineer the binary data, and obtain unencrypted credentials, impacting...

Designing with Deception: ML- and Covert Gate-Enhanced Camouflaging to Thwart IC Reverse Engineering

Integrated circuits ICs are essential to modern electronic systems, yet they face significant risks from physical reverse engineering RE attacks that compromise intellectual property IP and overall system security. While IC camouflage techniques have emerged to mitigate these risks, existing...

Exploit for Out-of-bounds Write in Cypress Cyw20735_Firmware

This repository is an offensive tool for firmware emulation and fuzzing. It provides a virtual environment to fuzz wireless firmwares, allowing for the extraction of their current state and re-execution in a virtual environment for fuzzing. The tool is currently optimized for the CYW20735 Bluetoo...

Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools

Microsoft on Tuesday announced an autonomous artificial intelligence AI agent that can analyze and classify software without assistance in an effort to advance malware detection efforts. The large language model LLM-powered autonomous malware classification system, currently a prototype, has been...

Using LLMs as a reverse engineering sidekick

This research explores how large language models LLMs can complement, rather than replace, the efforts of malware analysts in the complex field of reverse engineering. LLMs may serve as powerful assistants to streamline workflows, enhance efficiency, and provide actionable insights during malware...

TEE-reversing

This repository is an offensive tool for learning how to reverse-engineer and achieve trusted code execution on ARM devices. It contains a curated list of public TEE resources, including papers on TEE reversing and security analysis. The repository includes links to various papers and resources o...

Exploit for CVE-2017-3143

Awesome Vulnerability Research 🦄 A curated list of the awesome resources about the Vulnerability Research First things first: There are no exploits in this project. Vulnerabilities != Exploits A Vulnerability resides in the software itself, doing nothing on its own. If you are really curious abou...

Removing Box-Free Watermarks for Image-To-Image Models Via Query-Based Reverse Engineering

The intellectual property of deep generative networks GNets can be protected using a cascaded hiding network HNet which embeds watermarks or marks into GNet outputs, known as box-free watermarking. Although both GNet and HNet are encapsulated in a black box called operation network, or ONet, with...

Enterprise Security Incident Analysis and Countermeasures Based on the T-Mobile Data Breach

This paper presents a comprehensive analysis of T-Mobile's critical data breaches in 2021 and 2023, alongside a full-spectrum security audit targeting its systems, infrastructure, and publicly exposed endpoints. By combining case-based vulnerability assessments with active ethical hacking...