Ethereum Exploit and Recon Tool

https://github.com/cleanunicorn/theo

Make Dynamic Binaries Static

https://github.com/stong/static.py

Bypass Python Sandboxes

Audit Hooks

https://translate.google.com/translate?sl=auto&tl=en&u=https%3A%2F%2Fredoste.xyz%2F2020%2F05%2F04%2Ffr-write-up-fcsc-2020-why-not-a-sandbox%2F

https://daddycocoaman.dev/posts/bypassing-python38-audit-hooks-part-1/

Other:

Bypass Python sandboxes

https://gist.github.com/luca-m/5130167

Bypass character truncation

First, we need to defeat the blacklist. Google tells us that python identifiers use NFKC unicode normalization, meaning that we can use other variations to substitute for ASCII letters, such as fullwidth letters. This function will convert ASCII letters to fullwidth: (https://spinstars.dev/writeups/21/albatross)

import string
blacklist = string.ascii_letters + '"\\' '
def clean(s):
    return "".join(chr(ord(c) + 0xfee0) if c in blacklist else c for c in s)

Pickle Deserialization RCE

https://gist.github.com/mgeeky/cbc7017986b2ec3e247aab0b01a9edcd