LabExploit

LabExploit — reproducible exploit research and training, with safety gates and educational tooling.

<h1 align="center"> <img src="https://raw.githubusercontent.com/livepwn/LabExploit/refs/heads/master/docs/logo.png" alt="LabExploit" /> <br> LabExploit </h1> <p align="center"> <a href="https://www.python.org/" target="_blank"><img src="https://img.shields.io/badge/Python-3-yellow.svg?logo=python" alt="Python: 3" /></a> <a href="https://github.com/LabExploit/releases" target="_blank"><img src="https://img.shields.io/badge/version-v1.0-blue.svg?logo=moo" alt="Release: v3.1" /></a> <a href="https://opensource.org/licenses/MIT" target="_blank"><img src="https://img.shields.io/badge/license-MIT-green.svg" alt="License" /></a> </p>

SECURITY RESEARCH TOOL - USE RESPONSIBLY

A security research tool for exploit development and analysis with built-in safety controls.

Legal and Ethical Warning

IMPORTANT: This tool is designed for:

  • Authorized security research
  • Educational purposes
  • Penetration testing on systems you own or have explicit permission to test

PROHIBITED:

  • Unauthorized testing on systems you don't own
  • Malicious activities
  • Violating local, state, federal, or international laws

By using this tool, you accept full responsibility for your actions.

Features

  • Buffer Overflow - Generate overflow payloads with safety checks
  • ROP Chain Building - Construct ROP chains from gadgets
  • Format String Exploits - Create format string payloads
  • Shellcode Generation - Generate various shellcode types (with safety gates)
  • Fuzzing - Create random payloads for testing
  • Crash Detection - Detect and analyze program crashes
  • Binary Analysis - Check security features and properties

Safety First Design

  • Dry-run by default - No actions executed without explicit consent
  • Unsafe operations gated - Requires --unsafe flag and interactive confirmation
  • Comprehensive logging - All unsafe actions are logged
  • No destructive defaults - Cannot accidentally damage systems
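
The gating described in this list, as an added sketch that is not LabExploit's own code. The confirmation phrase and variable name are the ones used in the commands on this page; the policy (flag, environment token and typed phrase all required) and the names `gate`, `Decision` and `safety_gate` are assumptions made for illustration.

```python
import io
import logging
import os
import sys
from typing import Mapping, NamedTuple, Optional, TextIO

CONFIRM_PHRASE = "I UNDERSTAND"          # phrase the page's commands pipe in
ENV_TOKEN = "LIVEEXPLOIT_ALLOW_UNSAFE"   # variable name used on this page
log = logging.getLogger("safety_gate")   # hypothetical logger name


class Decision(NamedTuple):
    execute: bool   # False means preview only (dry-run)
    reason: str


def gate(action: str, unsafe: bool, env: Optional[Mapping[str, str]] = None,
         stdin: Optional[TextIO] = None) -> Decision:
    """Assumed policy: execute only if --unsafe, the env token and the
    typed confirmation are all present; otherwise fall back to dry-run."""
    env = os.environ if env is None else env
    stdin = sys.stdin if stdin is None else stdin
    if not unsafe:
        return Decision(False, "dry-run is the default")
    if env.get(ENV_TOKEN) != "1":
        log.warning("refused %s: %s not set", action, ENV_TOKEN)
        return Decision(False, "environment token missing")
    # Exact match after stripping the newline; "i understand" or a bare
    # Enter does not count, and EOF (empty read) is treated as refusal.
    typed = stdin.readline().rstrip("\r\n")
    if typed != CONFIRM_PHRASE:
        log.warning("refused %s: confirmation not given", action)
        return Decision(False, "confirmation phrase mismatch")
    log.warning("UNSAFE action approved: %s", action)
    return Decision(True, "all three gates passed")


if __name__ == "__main__":
    logging.basicConfig(format="%(asctime)s %(levelname)s %(message)s")
    ok = io.StringIO(CONFIRM_PHRASE + "\n")   # constructed stdin
    print(gate("buffer", unsafe=False))
    # Token absent from this process's environment: refused even though
    # the phrase is waiting on stdin.
    print(gate("buffer", unsafe=True, env={}, stdin=ok))
    print(gate("buffer", unsafe=True, env={ENV_TOKEN: "1"}, stdin=ok))
```

Every refusal and every approval passes through the logger, so the audit trail records attempts as well as executed actions.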

Quick Start

Installation

# From source
git clone https://github.com/livepwn/LabExploit.git
cd LabExploit
sudo pip install -e .
# If pip reports an error, try instead:
# sudo pip install --break-system-packages -e .
sudo python3 setup.py develop 

# Or via Debian package (when available)
dpkg -i liveexploit_*.deb

Commands

Show help

liveexploit --help

Show version

liveexploit --version

Analyze

liveexploit analyze /bin/ls

Analyze protections and symbols (dry-run ok)

liveexploit --dry-run analyze ./binaries/sample

Buffer payloads (preview / write)

Preview a buffer payload (safe)

liveexploit --dry-run buffer --padding 64 --ret-address 0xdeadbeef --arch i386

Generate and write payload to file (unsafe; confirm)

printf "I UNDERSTAND\n" | LIVEEXPLOIT_ALLOW_UNSAFE=1 liveexploit --unsafe buffer --padding 4096 --ret-address 0x401234 --arch amd64 > payload.bin

ROP chain builder

Preview ROP chain (dry-run)

liveexploit --dry-run rop /bin/ls --gadgets 0x401000 0x402000

Build actual ROP chain (unsafe)

printf "I UNDERSTAND\n" | LIVEEXPLOIT_ALLOW_UNSAFE=1 liveexploit --unsafe rop /usr/bin/id --gadgets 0x500000 0x500100

Format-string payloads

Single write (preview)

liveexploit --dry-run fmt --offset 5 --write 0x601234 0x41414141

Two writes (preview)

liveexploit --dry-run fmt --offset 7 --write 0x601000 0xdeadbeef --write 0x601004 0xcafebabe

Shellcode generation

Exec-shellcode (preview)

liveexploit --dry-run shellcode exec --arch x64

Generate reverse shellcode (unsafe; confirm)

printf "I UNDERSTAND\n" | LIVEEXPLOIT_ALLOW_UNSAFE=1 liveexploit --unsafe shellcode reverse --ip 127.0.0.1 --port 4444 --arch x64

Fuzzing helpers

Produce a fuzz payload (safe)

liveexploit fuzz --length 500

Deterministic fuzz with seed (safe)

liveexploit fuzz --length 200 --seed 12345

Crash detection / fuzz → crash

Simple crash detection run (safe if target is your test binary)

liveexploit detect-crash ./binary --payload /dev/null --timeout 10

Fuzz target (unsafe - interactive or token required)

printf "I UNDERSTAND\n" | LIVEEXPLOIT_ALLOW_UNSAFE=1 liveexploit --unsafe fuzz --iterations 500 ./binary

Memory dump (test-harness only)

Dump memory of a test PID (unsafe, test harness only)

printf "I UNDERSTAND\n" | LIVEEXPLOIT_ALLOW_UNSAFE=1 liveexploit --unsafe memdump --pid 12345

Generate report

Produce JSON report of the last run

liveexploit report --output exploit_report.json

Quick smoke-check sequence (safe)

liveexploit --help
liveexploit --dry-run analyze ./binaries/sample
liveexploit --dry-run buffer --padding 64 --ret-address 0x41414141 --arch amd64
liveexploit --dry-run fmt --offset 5 --write 0x601000 0xdeadbeef
liveexploit report --output demo_report.json