LabExploit — reproducible exploit research and training, with safety gates and educational tooling.

livepwn/LabExploit

LabExploit

Python: 3 | Release: v3.1 | License

SECURITY RESEARCH TOOL - USE RESPONSIBLY

A security research tool for exploit development and analysis with built-in safety controls.

Legal and Ethical Warning

IMPORTANT: This tool is designed for:

  • Authorized security research
  • Educational purposes
  • Penetration testing on systems you own or have explicit permission to test

PROHIBITED:

  • Unauthorized testing on systems you don't own
  • Malicious activities
  • Violating local, state, federal, or international laws

By using this tool, you accept full responsibility for your actions.

Features

  • Buffer Overflow - Generate overflow payloads with safety checks
  • ROP Chain Building - Construct ROP chains from gadgets
  • Format String Exploits - Create format string payloads
  • Shellcode Generation - Generate various shellcode types (with safety gates)
  • Fuzzing - Create random payloads for testing
  • Crash Detection - Detect and analyze program crashes
  • Binary Analysis - Check security features and properties

Safety First Design

  • Dry-run by default - No actions executed without explicit consent
  • Unsafe operations gated - Requires --unsafe flag and interactive confirmation
  • Comprehensive logging - All unsafe actions are logged
  • No destructive defaults - Cannot accidentally damage systems
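
The gating policy listed above, sketched as an added example (this is not LabExploit's own code). The function name `gate`, the `audit` list and the rule that the flag, the environment token and the typed phrase are all required are assumptions; only the variable name and the phrase come from the commands in this README.

```python
import json
import os
import time

CONFIRM_PHRASE = "I UNDERSTAND"         # phrase piped in by this README's commands
ENV_TOKEN = "LIVEEXPLOIT_ALLOW_UNSAFE"  # variable set in this README's commands


def gate(action, unsafe=False, env=None, stdin=None, audit=None):
    """Decide whether `action` may run; returns "execute" or "dry-run".

    Assumed policy (hypothetical, not read from the project's source):
    the --unsafe flag, the environment token and the typed phrase are all
    required, and any missing piece fails closed to a dry run.
    """
    env = os.environ if env is None else env
    audit = [] if audit is None else audit
    if not unsafe:
        return "dry-run"  # default path: nothing executes, nothing to audit
    if env.get(ENV_TOKEN) != "1":
        reason = "environment token not set"
    elif stdin is None or stdin.readline().rstrip("\r\n") != CONFIRM_PHRASE:
        reason = "confirmation phrase missing or mismatched"  # EOF lands here
    else:
        reason = None
    # Every attempt to leave dry-run mode is recorded, approved or refused.
    audit.append(json.dumps({
        "ts": time.time(),
        "action": action,
        "approved": reason is None,
        "reason": reason,
    }))
    return "execute" if reason is None else "dry-run"


if __name__ == "__main__":
    import io
    trail = []
    typed = io.StringIO("I UNDERSTAND\n")  # constructed stand-in for stdin
    print(gate("buffer", unsafe=True, env={ENV_TOKEN: "1"}, stdin=typed, audit=trail))
    print(trail[-1])
```

Refused attempts are audited as well as approved ones, so the log shows every attempt to leave dry-run mode.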

Quick Start

Installation

# From source
git clone https://github.com/livepwn/LabExploit.git
cd LabExploit
sudo pip install -e .
# If pip reports an error, try this instead:
# sudo pip install --break-system-packages -e .
sudo python3 setup.py develop

# Or via Debian package (when available)
dpkg -i liveexploit_*.deb

Commands

Show help

liveexploit --help

Show version

liveexploit --version

Analyze

liveexploit analyze /bin/ls

Analyze protections and symbols (dry-run ok)

liveexploit --dry-run analyze ./binaries/sample

Buffer payloads (preview / write)

Preview a buffer payload (safe)

liveexploit --dry-run buffer --padding 64 --ret-address 0xdeadbeef --arch i386

Generate and write payload to file (unsafe; confirm)

printf "I UNDERSTAND\n" | LIVEEXPLOIT_ALLOW_UNSAFE=1 liveexploit --unsafe buffer --padding 4096 --ret-address 0x401234 --arch amd64 > payload.bin

ROP chain builder

Preview ROP chain (dry-run)

liveexploit --dry-run rop /bin/ls --gadgets 0x401000 0x402000

Build actual ROP chain (unsafe)

printf "I UNDERSTAND\n" | LIVEEXPLOIT_ALLOW_UNSAFE=1 liveexploit --unsafe rop /usr/bin/id --gadgets 0x500000 0x500100

Format-string payloads

Single write (preview)

liveexploit --dry-run fmt --offset 5 --write 0x601234 0x41414141

Two writes (preview)

liveexploit --dry-run fmt --offset 7 --write 0x601000 0xdeadbeef --write 0x601004 0xcafebabe

Shellcode generation

Exec-shellcode (preview)

liveexploit --dry-run shellcode exec --arch x64

Generate reverse shellcode (unsafe; confirm)

printf "I UNDERSTAND\n" | LIVEEXPLOIT_ALLOW_UNSAFE=1 liveexploit --unsafe shellcode reverse --ip 127.0.0.1 --port 4444 --arch x64

Fuzzing helpers

Produce a fuzz payload (safe)

liveexploit fuzz --length 500

Deterministic fuzz with seed (safe)

liveexploit fuzz --length 200 --seed 12345

Crash detection / fuzz → crash

Simple crash detection run (safe if target is your test binary)

liveexploit detect-crash ./binary --payload /dev/null --timeout 10

Fuzz target (unsafe - interactive or token required)

printf "I UNDERSTAND\n" | LIVEEXPLOIT_ALLOW_UNSAFE=1 liveexploit --unsafe fuzz --iterations 500 ./binary

Memory dump (test-harness only)

Dump memory of a test PID (unsafe, test harness only)

printf "I UNDERSTAND\n" | LIVEEXPLOIT_ALLOW_UNSAFE=1 liveexploit --unsafe memdump --pid 12345

Generate report

Produce JSON report of the last run

liveexploit report --output exploit_report.json

Quick smoke-check sequence (safe)

liveexploit --help
liveexploit --dry-run analyze ./binaries/sample
liveexploit --dry-run buffer --padding 64 --ret-address 0x41414141 --arch amd64
liveexploit --dry-run fmt --offset 5 --write 0x601000 0xdeadbeef
liveexploit report --output demo_report.json
