⛓️ ROP Chain Calculator Desktop (WIP)
Tags: Python, PyKD, WinDbg, Binary Exploitation
What is it?
The WinDbg-integrated companion to the browser-based ROP Chain Calculator: a set of Python scripts that run inside WinDbg via PyKD and automate the grunt work of building multi-stage ROP chains against a live target process.
What's in the Toolset
- IAT Scanner — scans all loaded modules for IAT entries pointing to VirtualAlloc and WriteProcessMemory, and reports the exact IAT slot address to dereference in your ROP chain for reliable dynamic resolution.
- Gadget Sequence Parser — parses gadget sequences out of binary files, so gadget data can be generated automatically rather than by hand.
- Stage 2 Generator — assists in building multi-stage payloads in which a stage 1 ROP chain bootstraps stage 2 shellcode via VirtualAlloc/WriteProcessMemory.
- Single ROP Tester — an isolated test harness for verifying individual gadget chains before they are assembled into the full chain.
Requirements
- WinDbg with PyKD installed (loaded in the debugger with .load pykd.pyd)
- Target process loaded in WinDbg