heap-exploitation
Official
Turn glibc heap flaws into exploit primitives
Author: yaklang
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill consolidates expert techniques to analyze and exploit ptmalloc2/glibc heap vulnerabilities, enabling the conversion of UAFs, double frees, overflows, and off-by-one/null bugs into reliable arbitrary write or code execution primitives while accounting for glibc version constraints.
Core Features & Use Cases
- Comprehensive Technique Catalog: Detailed named methods (House of Force, Spirit, Orange, Einherjar, Roman, Pig, Banana, Cat, Apple) and tcache-specific attacks with required primitives and glibc applicability.
- Leak and Primitive Guidance: Practical methods for leaking libc and heap (unsortedbin, stdout corruption, tcache/fastbin reads), safe-linking (PROTECT_PTR) encoding/decoding, and choosing attack paths by glibc version.
- FSOP & IO_FILE Chains: Step-by-step FSOP, vtable hijack, stdout/stdin abuse, exit-flow targets, and post-2.34 alternatives when hooks are removed, with decision trees and practical templates.
Quick Start
Use the heap-exploitation skill to analyze a discovered glibc heap overflow and recommend a step-by-step exploit chain tailored to the target's glibc version and available primitives.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: heap-exploitation
Download link: https://github.com/yaklang/hack-skills/archive/main.zip#heap-exploitation
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.