OFRAK is a binary analysis and modification framework. It has a web-based GUI for exploration, and a Python API for automation. The GUI automatically generates Python scripts from users' actions, making it easy to transition from exploration to automation. Check it out on GitHub.
This project makes it possible to remotely run an OFRAK instance entirely from your browser, without installing anything. This is great for:
- Trying out OFRAK without committing to setting it up
- Working on an OFRAK project with multiple people, such as when using OFRAK for CTF problems
- Using OFRAK on a computer where you do not have permission to install software, such as at school or the library
- Using OFRAK on a mobile device like an iPad or VR headset
-
Make sure you are logged into GitHub. A GitHub account is required.
-
Create your own copy of this repository by clicking this link.
-
Go to the "Actions" tab of your new repository, and press "Run OFRAK" on the left.
-
Run the GitHub Actions workflow.
-
Click the link to access OFRAK.
-
Profit...
-
Use the "kill" link to terminate the Actions workflow cleanly. The workflow is automatically killed after six hours, but you should kill it manually when you are done to avoid wasting resources.
I work on OFRAK as part of my day job at Red Balloon Security. This project was made outside of work, and was not sanctioned by Red Balloon. The code is based, in-part, on my CTF Collab project from a few years ago.
All connection data is sent over a tunnel using
tunnel.pyjam.as
. This service is generously
provided for public use. I do not operate it. Please don't abuse it! Also,
don't use it for sensitive or private data. Run OFRAK locally for that.
Alternatively, self-host your own tunnel.
- Wyatt Ford, Edward Larson, and the others who have worked on OFRAK
- Logan Snow
pyjam.as