{"id":21977901,"url":"https://github.com/n3rada/ropcatalog","last_synced_at":"2025-10-12T12:34:06.654Z","repository":{"id":262342433,"uuid":"886788663","full_name":"n3rada/ropcatalog","owner":"n3rada","description":"Finding and classifying ROP gadgets from rp++ output file with some regex and a CLI.","archived":false,"fork":false,"pushed_at":"2025-05-22T14:47:13.000Z","size":419,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-22T15:49:17.921Z","etag":null,"topics":["asm","exp-301","exp-401","exploit-development","gadget","return-oriented-programming","rop","rop-chain","rop-gadgets","ropchain-generator","x64","x86"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/n3rada.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-11-11T15:54:40.000Z","updated_at":"2025-05-22T14:53:51.000Z","dependencies_parsed_at":"2025-05-22T15:36:21.571Z","dependency_job_id":"78734721-0644-4373-af98-c440b25e4d5e","html_url":"https://github.com/n3rada/ropcatalog","commit_stats":null,"previous_names":["n3rada/rp_catalog","n3rada/ropcatalog"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/n3rada/ropcatalog","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n3rada%2Fropcatalog","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n3rada%2Fropcatalog/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n3rada%2Fropcatalog/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n3rada%2Fropcatalog/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/n3rada","download_url":"https://codeload.github.com/n3rada/ropcatalog/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n3rada%2Fropcatalog/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279011296,"owners_count":26084928,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-12T02:00:06.719Z","response_time":53,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["asm","exp-301","exp-401","exploit-development","gadget","return-oriented-programming","rop","rop-chain","rop-gadgets","ropchain-generator","x64","x86"],"created_at":"2024-11-29T16:16:54.571Z","updated_at":"2025-10-12T12:34:06.639Z","avatar_url":"https://github.com/n3rada.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n`ropcatalog` is a Python tool designed for parsing and analyzing ROP (Return-Oriented Programming) gadgets extracted from [rp++](https://github.com/0vercl0k/rp) output files. It helps identify, classify, and filter useful ROP gadgets.\n\nIt was built during OffSec journey. Primarly for [EXP-301 course](https://www.offsec.com/courses/exp-301/) and then [EXP-401](https://www.offsec.com/courses/exp-401/). These courses focuses on Windows exploit development.\n\n## Installation\n\nDesigned for simplicity, using `pipx` for isolation:\n\n```shell\npipx install 'git+https://github.com/n3rada/ropcatalog.git'\n```\n\nThen, you can use `ropcatalog` to help you leaf through the gadget catalog:\n```shell\nropcatalog ~/dump/libeay32IBM019.txt\n```\n\n## Quickstart\n\nDump gadgets using `rp++`:\n\n```shell\n.\\rp-win.exe -f \"C:\\Program Files\\ibm\\gsk8\\lib\\N\\icc\\osslib\\libeay32IBM019.dll\" --va=0 -r 5 \u003e libeay32IBM019.txt\n```\nThen, open your catalog with ASLR considerations (`--offset`) and output unique (`-u`) addresses in a copy-pastable Python format (`-s`):\n```shell\nropcatalog ~/dump/libeay32IBM019.txt -b \"\\x00\\x09\\x0a\\x0b\\x0c\\x0d\\x20\" -u -o -s python\n```\n\nIf you forgot how to browse your own catalog, use `help`\n\nNow, you can search for any gadget that copies the stack pointer (`ESP`) register to another register:\n![copy_esp_ASLR](./images/copy_esp_ASLR.png)\n\n\nWithout offset considerations, you can search inside any module for gadgets that dereference `ESI`:\n![deref_esi](./images/deref_esi.png)\n\n\nWithout using the Python copy-paste format, you can search for gadgets that zero `EAX`:\n![zero_eax](./images/zero_eax.png)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fn3rada%2Fropcatalog","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fn3rada%2Fropcatalog","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fn3rada%2Fropcatalog/lists"}