From offensive-claude
Turns memory-corruption bugs into reliable PoCs with primitive chains (leak → R/W → control flow) against modern mitigations. Covers stack/ROP, glibc heap & FSOP, format strings, browser/JIT type confusion & UAF, and Linux/Windows kernel LPE.
How this skill is triggered — by the user, by Claude, or both
Slash command
/offensive-claude:exploit-development
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
End-to-end weaponization: turn a confirmed bug class into a reliable, version-pinned PoC, then a primitive chain (leak -> R/W -> control flow), against current mitigations. Every cluster pairs the offensive path with detection telemetry and OPSEC.
references/browser-jit-uaf.md
references/exploit-feasibility.md
references/format-string-leaks.md
references/heap-glibc-fsop.md
references/kernel-exploitation.md
references/stack-rop-mitigations.md
scripts/exploit_context.py
scripts/feasibility_profile.py
scripts/fmtstr_leak.py
scripts/heap_fsop.py
scripts/kernel_lpe_skeleton.c
scripts/offset_finder.py
scripts/rop_autochain.py
scripts/safe_linking.py
scripts/v8_primitives.js
| Technique | ATT&CK | CWE | Reference | Script |
|---|---|---|---|---|
| Stack overflow -> ret2libc/ROP | T1203 | CWE-121 | references/stack-rop-mitigations.md | scripts/offset_finder.py |
| ret2csu / SROP / stack pivot | T1203 | CWE-121 | references/stack-rop-mitigations.md | scripts/rop_autochain.py |
| ret2dlresolve (leakless) | T1203 | CWE-121 | references/stack-rop-mitigations.md | scripts/rop_autochain.py |
| CET/CFG-aware control-flow hijack | T1203 | CWE-1419 | references/stack-rop-mitigations.md | scripts/rop_autochain.py |
| tcache/fastbin poisoning + safe-linking | T1203 | CWE-416 | references/heap-glibc-fsop.md | scripts/safe_linking.py |
| House of Botcake / Einherjar / Apple2 | T1203 | CWE-415 | references/heap-glibc-fsop.md | scripts/heap_fsop.py |
| FSOP (stdout leak, House of Apple 2) | T1203 | CWE-787 | references/heap-glibc-fsop.md | scripts/heap_fsop.py |
| Format string leak + arbitrary write | T1203 | CWE-134 | references/format-string-leaks.md | scripts/fmtstr_leak.py |
| V8 type confusion -> addrof/fakeobj | T1203 | CWE-843 | references/browser-jit-uaf.md | scripts/v8_primitives.js |
| V8 Sandbox escape (WASM jump table) | T1203 | CWE-843 | references/browser-jit-uaf.md | scripts/v8_primitives.js |
| UAF heap-spray reclaim | T1203 | CWE-416 | references/browser-jit-uaf.md | scripts/v8_primitives.js |
| Linux kernel UAF -> cross-cache | T1068 | CWE-416 | references/kernel-exploitation.md | scripts/kernel_lpe_skeleton.c |
| Dirty Pagetable / Pagedirectory | T1068 | CWE-416 | references/kernel-exploitation.md | scripts/kernel_lpe_skeleton.c |
| msg_msg infoleak / spray | T1068 | CWE-125 | references/kernel-exploitation.md | scripts/kernel_lpe_skeleton.c |
| Windows PreviousMode / I/O Ring R/W | T1068 | CWE-787 | references/kernel-exploitation.md | scripts/kernel_lpe_skeleton.c |
| Empirical mitigation matrix (build witness under N profiles) | T1203 | CWE-693 | references/exploit-feasibility.md | scripts/feasibility_profile.py |
| Cached context + blocked-technique gate for /exploit | T1203 | CWE-693 | references/exploit-feasibility.md | scripts/exploit_context.py |
```bash
# 0. Fingerprint target + libc (pin every version)
file ./target; pwn checksec ./target
strings -a libc.so.6 | grep -m1 'release version' # exact glibc build
patchelf --set-interpreter ./ld.so --replace-needed libc.so.6 ./libc.so.6 ./target
# 1. Crash + offset (cyclic) — see scripts/offset_finder.py
python3 scripts/offset_finder.py ./target # auto pattern_create/offset
# 2. Gadgets + one_gadget
ROPgadget --binary ./libc.so.6 > gadgets.txt
ropper -f ./libc.so.6 --search 'pop rdi; ret'
one_gadget ./libc.so.6
# 3. Build chain (leak -> base -> system/execve) — scripts/rop_autochain.py
python3 scripts/rop_autochain.py ./target ./libc.so.6 --leak puts --remote host:port
# 4. Heap targets: poison fd with safe-linking math, FSOP for the endgame
python3 scripts/safe_linking.py --chunk 0x55...000 --target 0x7f... # encrypt fd
python3 scripts/heap_fsop.py --libc ./libc.so.6 --mode apple2 # FSOP payload
# 5. Verify reliability before delivery
for i in $(seq 1 50); do python3 exploit.py >/dev/null 2>&1 && echo ok; done | wc -l
```
Cache the target context once. Steps 0–2 (file/checksec/libc build, gadget table, one_gadget) describe the target, not a single attempt — compute them once and reuse them across every PoC iteration. Re-running recon on each attempt wastes budget and pollutes telemetry; an autopilot loop should treat the fingerprint + gadget set as cached input, not a per-iteration step. A future empirical feasibility profile (raptor-adoption PR-3) will rebuild the crash witness under several mitigation profiles and emit a machine-readable map of which techniques the target actually permits — the PoC is then forbidden from using a technique that map marks blocked. Until it lands: record the checksec/mitigation state explicitly and do not claim a technique the target's protections rule out.
| Technique | Telemetry/IOC | Detection (Sigma/EDR) | OPSEC note |
|---|---|---|---|
| ROP/ret2libc | Stack exec faults, abnormal execve("/bin/sh") child of network daemon | EDR: child shell from listener; auditd execve of /bin/sh w/ empty argv | Use in-memory ORW (open/read/write flag) instead of shell to avoid execve IOC |
| Heap/FSOP | glibc *** stack smashing ***/malloc(): ... aborts in logs; SIGABRT crash loops | Sigma: repeated SIGABRT/SIGSEGV from same PID; coredump bursts | Disable coredumps (prctl(PR_SET_DUMPABLE,0)); tune spray to avoid abort()s |
| Format string | %n/%p strings in request/argv logs; segfault on bad write | WAF/Sigma on %n,%[0-9]+\$n in inputs | Pre-stage write target; minimize % count, avoid huge field widths |
| V8 type confusion | Renderer crash dumps, chrome_crashpad, GPU/renderer restarts | Crashpad telemetry; EDR on renderer spawning unexpected processes | Keep corruption inside cage; clean up sprayed arrays; avoid renderer crash on failure |
| Kernel LPE | dmesg oops/RIP, KASAN splats, apparmor/audit LPE child = root | Sigma: process gaining uid=0 w/o setuid path; EDR kernel-callback | Fileless (no SUID drop); restore corrupted state; clear dmesg only if authorized |
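
The format-string and crash-loop rows of the detection table above, written out as log checks. This is an added example, not one of the skill's scripts: the function names, regexes, threshold, window and sample records are assumptions constructed for illustration, and the auditd `ANOM_ABEND` field layout is assumed from stock auditd output.

```python
import re
from collections import defaultdict, deque
from urllib.parse import unquote

# %n write specifier, optionally positional (%7$n) or length-modified (%hn, %hhn)
FMT_WRITE = re.compile(r"%(?:\d+\$)?(?:hh|h|ll|l)?n")
# auditd abnormal-termination record: epoch seconds, comm, fatal signal
ABEND = re.compile(
    r'type=ANOM_ABEND msg=audit\((\d+)\.\d+:\d+\):.*?comm="([^"]+)".*?\bsig=(\d+)')
CRASH_SIGNALS = {6, 11}  # SIGABRT, SIGSEGV

def has_format_write(field):
    """True if an input field carries a %n-style specifier, raw or URL-encoded."""
    return any(FMT_WRITE.search(v) for v in (field, unquote(field)))

def crash_loops(lines, threshold=3, window=60):
    """Names (comm) with >= threshold SIGABRT/SIGSEGV deaths within `window` seconds.
    Keyed on comm, an assumption: each crashed child of a forking daemon has a new PID.
    Records are expected in chronological order."""
    recent, flagged = defaultdict(deque), set()
    for line in lines:
        m = ABEND.search(line)
        if not m or int(m.group(3)) not in CRASH_SIGNALS:
            continue
        ts, comm = int(m.group(1)), m.group(2)
        q = recent[comm]
        q.append(ts)
        while ts - q[0] > window:   # drop crashes that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            flagged.add(comm)
    return sorted(flagged)

# Constructed sample records (hypothetical host, process names and timestamps)
SAMPLE_AUDIT = [
    'type=ANOM_ABEND msg=audit(1700000000.101:501): auid=4294967295 uid=33 gid=33 ses=4294967295 pid=4101 comm="netsvc" exe="/srv/netsvc" sig=6 res=1',
    'type=ANOM_ABEND msg=audit(1700000005.330:502): auid=1000 uid=1000 gid=1000 ses=3 pid=4120 comm="backup" exe="/usr/local/bin/backup" sig=11 res=1',
    'type=ANOM_ABEND msg=audit(1700000012.554:503): auid=4294967295 uid=33 gid=33 ses=4294967295 pid=4133 comm="netsvc" exe="/srv/netsvc" sig=11 res=1',
    'type=ANOM_ABEND msg=audit(1700000031.009:504): auid=4294967295 uid=33 gid=33 ses=4294967295 pid=4150 comm="netsvc" exe="/srv/netsvc" sig=6 res=1',
    'type=ANOM_ABEND msg=audit(1700003000.777:505): auid=1000 uid=1000 gid=1000 ses=3 pid=5002 comm="backup" exe="/usr/local/bin/backup" sig=11 res=1',
]
SAMPLE_INPUTS = ["user=alice&q=hello%20world", "user=%7$n", "q=%25hhn", "discount=100%25"]

if __name__ == "__main__":
    for s in SAMPLE_INPUTS:
        print(f"{s!r}: format-write={has_format_write(s)}")
    print("crash loops:", crash_loops(SAMPLE_AUDIT))
```

A literal percent sign followed by a word starting with `n` (for example `100%natural`) also matches, so scope the rule to fields that reach a formatting function or allow-list known-benign parameters.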
offset_finder.py, rop_autochain.py.
safe_linking.py, heap_fsop.py.
%n arbitrary write, PIE/libc/canary leaks, fmtstr automation and one-shot GOT/exit-handler overwrite. Backed by fmtstr_leak.py.
v8_primitives.js.
kernel_lpe_skeleton.c.
/exploit is forbidden a technique the map marks blocked. Backed by feasibility_profile.py (build/replay, Linux/devcontainer) + exploit_context.py (cached checksec/libc + the assert_allowed gate). Pairs with reverse-engineering/references/rr-time-travel.md + coverage-reachability.md.
npx claudepluginhub hypnguyen1209/offensive-claude --plugin offensive-claude
Operational guide for exploit development: environment setup, debugging workflow, PoC lifecycle, pwntools/pwndbg usage, heap exploitation, and weaponization. For authorized security research only.
Assists with authorized exploit development, PoC creation, payload engineering, and shellcode analysis for security testing, CTFs, and bug bounties.
Analyzes ELF binaries for exploitation vectors using checksec, ROPgadget, and pwntools. Covers buffer overflow and ROP chain development for CTF and authorized security assessments.