allsmog/pwn-claude-plugin
pwn-claude-plugin

Claude Code plugin for binary exploitation (pwn) challenges on HackTheBox and CTFs.

Part of a security plugin suite alongside whitebox-claude-plugin and blackbox-claude-plugin.

Features

  • 5-Phase Methodology — structured workflow: setup, recon, static analysis, dynamic analysis, exploit development
  • 16 Slash Commands — from full methodology (/pwn) to individual exploit templates (/pwn-ret2libc, /pwn-rop, etc.)
  • 3 Autonomous Agents — binary-analyzer, exploit-suggester, template-generator
  • Pwntools Exploit Templates — ret2win, ret2libc, format string, master template
  • GDB/pwndbg Integration — project-specific .gdbinit generation, crash analysis, offset calculation
  • Hook-Based Binary Auto-Detection — automatically detects and analyzes ELF binaries on session start
  • Protection-Aware — adapts exploitation suggestions based on checksec output (NX, PIE, RELRO, canary, etc.)
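The protections named in the Protection-Aware bullet (NX, PIE, RELRO, canary) are exactly what checksec reports. As an added example that is not part of this plugin, here is a minimal reader for little-endian ELF64 images that derives those four flags the way checksec-style tools do, plus a constructed sample image (not a real binary) so it runs offline. The canary check is a byte-string heuristic for the `__stack_chk_fail` name rather than a symbol-table walk, and ELF64 little-endian layout is assumed throughout.

```python
import struct

# ELF constants used by the checks (ELF64, little-endian assumed)
PT_DYNAMIC, PT_GNU_STACK, PT_GNU_RELRO = 2, 0x6474E551, 0x6474E552
PF_X, ET_DYN = 0x1, 3
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1

def check_protections(elf: bytes) -> dict:
    """Derive NX / PIE / RELRO / canary from the program headers and dynamic segment."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2:
        raise ValueError("expected a little-endian ELF64 image")
    e_type = struct.unpack_from("<H", elf, 16)[0]
    e_phoff = struct.unpack_from("<Q", elf, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 54)
    nx, relro, bind_now = False, "none", False   # no PT_GNU_STACK => stack treated as executable
    for i in range(e_phnum):
        p_type, p_flags, p_off, _, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", elf, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx = not (p_flags & PF_X)            # NX means the stack segment lacks PF_X
        elif p_type == PT_GNU_RELRO:
            relro = "partial"                    # upgraded to "full" only with BIND_NOW
        elif p_type == PT_DYNAMIC:
            for off in range(p_off, p_off + p_filesz, 16):
                tag, val = struct.unpack_from("<qQ", elf, off)
                if tag == DT_NULL:
                    break
                if tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW) \
                        or (tag == DT_FLAGS_1 and val & DF_1_NOW):
                    bind_now = True
    if relro == "partial" and bind_now:
        relro = "full"
    return {"nx": nx, "pie": e_type == ET_DYN, "relro": relro,
            # heuristic: canary-protected dynamic binaries import __stack_chk_fail
            "canary": b"__stack_chk_fail" in elf}

def build_sample_elf(nx=True, pie=True, full_relro=True, canary=True) -> bytes:
    """Constructed minimal ELF64 image (header, three phdrs, dynamic segment); not real code."""
    dyn = struct.pack("<qQqQ", DT_FLAGS_1, DF_1_NOW if full_relro else 0, DT_NULL, 0)
    dyn_off = 64 + 3 * 56                        # ehdr + three 56-byte program headers
    segs = [(PT_GNU_STACK, 0x6 if nx else 0x7, 0, 0),
            (PT_GNU_RELRO, 0x4, 0, 0),
            (PT_DYNAMIC, 0x6, dyn_off, len(dyn))]
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", ET_DYN if pie else 2, 62, 1, 0, 64, 0, 0, 64, 56, len(segs), 64, 0, 0)
    phdrs = b"".join(struct.pack("<IIQQQQQQ", t, f, off, 0, 0, sz, sz, 8) for t, f, off, sz in segs)
    return ehdr + phdrs + dyn + (b"__stack_chk_fail\0" if canary else b"")
```

Run `check_protections(open(path, "rb").read())` on a real build to confirm it was linked with the hardening you expect before shipping it.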

Installation

git clone https://github.com/allsmog/pwn-claude-plugin.git
claude --plugin-dir ./pwn-claude-plugin/pwn-htb

Prerequisites

Required

  • Python 3.8+
  • pwntools (pip install pwntools)
  • GDB with pwndbg extension
  • checksec (apt install checksec or via pwntools)

Optional (auto-installed via pip if missing)

  • ropper (pip install ropper)
  • one_gadget (gem install one_gadget)
  • seccomp-tools (gem install seccomp-tools)
  • ROPgadget (pip install ROPgadget)

Quick Start

claude --plugin-dir ./pwn-claude-plugin/pwn-htb

# Verify tools are installed
> /pwn-setup

# Recon a binary
> /pwn-recon ./challenge

# Static analysis
> /pwn-static ./challenge

# Generate an exploit from findings
> /pwn-exploit

Or run the full 5-phase methodology in one command:

> /pwn ./challenge

Commands

Main Workflow

| Command | Description |
|---|---|
| /pwn <binary> | Run full methodology (all 5 phases with confirmations) |
| /pwn-setup | Environment setup and tool verification |
| /pwn-recon <binary> | Reconnaissance phase (checksec, file, strings) |
| /pwn-static <binary> | Static analysis (disassembly, dangerous functions) |
| /pwn-dynamic <binary> | Dynamic analysis (GDB scripts, offset calculation) |
| /pwn-exploit | Exploit development guidance |

Exploit Templates

| Command | Description |
|---|---|
| /pwn-template | Interactive template selector |
| /pwn-ret2libc | ret2libc / ret2system template |
| /pwn-rop | ROP chain construction template |
| /pwn-format-string | Format string exploit template |
| /pwn-shellcode | Shellcode injection template |
| /pwn-got-overwrite | GOT overwrite template |
| /pwn-heap | Heap exploitation (tcache/fastbin) template |
| /pwn-srop | Sigreturn-oriented programming template |

Utilities

| Command | Description |
|---|---|
| /pwn-gdbinit | Generate project-specific .gdbinit for pwndbg |
| /pwn-libc <address> | Identify libc version from leaked addresses |

Agents

| Agent | Purpose |
|---|---|
| binary-analyzer | Autonomous reconnaissance and static analysis |
| exploit-suggester | Recommends exploitation techniques based on findings |
| template-generator | Creates customized pwntools exploit skeletons |

Exploit Templates

Pre-built pwntools templates in pwn-htb/templates/:

| Template | File |
|---|---|
| Master template | exploit-template.py |
| ret2win | ret2win.py |
| ret2libc | ret2libc.py |
| Format string | format-string.py |

License

MIT
