General-purpose security research repository covering browser exploit chain development, post-exploitation techniques, and security assessment tooling. Contains CVE reproduction work across Chrome (V8, Blink, ANGLE, Skia) and Firefox (SpiderMonkey, IPC, WebAssembly), along with fuzzing infrastructure, reverse engineering notes, and a Databricks Apps security assessment delivered as an interactive Streamlit dashboard.
All materials in this repository are for educational purposes and authorized security testing only. Exploit code is provided to support defensive research, vulnerability reproduction, and security assessment under responsible disclosure. Do not use any code or technique against systems you do not own or have explicit written authorization to test.
| CVE | Target | Year | Technique | Level | Path |
|---|---|---|---|---|---|
| CVE-2024-0517 | Chrome V8 Maglev | 2024 | OOB Write | ACE | cves/chrome/2024/CVE-2024-0517/ |
| CVE-2024-1939 | Chrome V8 Wasm S128 | 2024 | Type Confusion | ACE | cves/chrome/2024/CVE-2024-1939/ |
| CVE-2024-5830 | Chrome V8 Object Transitions | 2024 | Type Confusion | ACE | cves/chrome/2024/CVE-2024-5830/ |
| CVE-2025-5959 | Chrome Wasm JSPI | 2025 | Sandbox Escape | ACE | cves/chrome/2025/CVE-2025-5959/ |
| CVE-2025-6558 | Chrome ANGLE WebGL2 | 2025 | UAF | UAF | cves/chrome/2025/CVE-2025-6558/ |
| CVE-2025-13223 | Chrome V8 Property Array | 2025 | Type Confusion | ARW | cves/chrome/2025/CVE-2025-13223/ |
| CVE-2026-2441 | Chrome CSS FontFeatureValuesMap | 2026 | UAF | UAF | cves/chrome/2026/CVE-2026-2441/ |
| CVE-2026-3909 | Chrome Skia Glyph Atlas | 2026 | OOB Write | OOB | cves/chrome/2026/CVE-2026-3909/ |
| CVE-2024-8381 | Firefox SpiderMonkey | 2024 | Type Confusion | Trigger | cves/firefox/2024/CVE-2024-8381/ |
| CVE-2024-9680 | Firefox AnimationTimeline | 2024 | UAF | UAF | cves/firefox/2024/CVE-2024-9680/ |
| CVE-2024-29943 | Firefox JIT Range Analysis | 2024 | BCE | ARW | cves/firefox/2024/CVE-2024-29943/ |
| CVE-2024-29944 | Firefox Privileged JS | 2024 | Sandbox Escape | ACE | cves/firefox/2024/CVE-2024-29944/ |
| CVE-2025-2857 | Firefox IPC | 2025 | Sandbox Escape | Trigger | cves/firefox/2025/CVE-2025-2857/ |
| CVE-2025-4918 | Firefox Promise | 2025 | OOB | OOB | cves/firefox/2025/CVE-2025-4918/ |
| CVE-2025-4919 | Firefox IonMonkey BCE | 2025 | OOB | ARW | cves/firefox/2025/CVE-2025-4919/ |
| CVE-2026-2795 | Firefox Wasm GC | 2026 | UAF | ACE | cves/firefox/2026/CVE-2026-2795/ |
| CVE-2026-2796 | Firefox Wasm JIT | 2026 | Type Confusion | Trigger | cves/firefox/2026/CVE-2026-2796/ |
Level key: ACE = arbitrary code execution, ARW = arbitrary read/write, UAF = use-after-free demonstrated, OOB = out-of-bounds access, Trigger = bug trigger only.
```
exploits/
├── cves/                               # CVE reproductions, organized by target/year/CVE-ID
│   ├── chrome/
│   └── firefox/
├── tools/                              # Standalone security tooling
│   ├── idol/                           # IDOL — infection detection overlay
│   ├── win-remote/                     # Windows remote testing agent
│   └── fuzzing/                        # Fuzzing harnesses and generators
├── docs/                               # Research notes, analysis, methodology
│   ├── advisories/
│   ├── analysis/
│   └── methodology/
├── reports/                            # Security assessment reports
│   └── databricks-apps-assessment/     # Streamlit dashboard (src/ → build.py → app.py)
└── infra/                              # Docker images, build scripts
    ├── docker/
    └── scripts/
```
- IDOL (`tools/idol/`) — Infection Detection Overlay for visualizing compromise indicators.
- win-remote (`tools/win-remote/`) — Remote agent for Windows-targeted testing. Requires `.env` configuration (see `.env.example`).
- Fuzzing (`tools/fuzzing/`) — JavaScript fuzzers for SpiderMonkey and V8 trigger discovery.
- Databricks Apps Assessment (`reports/databricks-apps-assessment/`) — Interactive Streamlit dashboard demonstrating security concerns in Databricks App deployments. Built from `src/` fragments via `build.py`.
- Clone the repo and install Python dependencies where needed (individual `requirements.txt` files in relevant subdirectories).
- Browse `cves/` for specific CVE reproductions. Each CVE directory contains its own README with setup instructions.
- See `docs/` for research methodology and analysis notes.
- For the Databricks assessment dashboard: `cd reports/databricks-apps-assessment && pip install -r requirements.txt && streamlit run app.py`.
- Repository: github.com/AndrewAltimit/exploits
- GitHub Pages: andrewaltimit.github.io/exploits
- Live Dashboard: andrewaltimit.github.io/exploits/dashboard — runs in-browser via WebAssembly, no install required