{"id":7093,"date":"2011-06-16T17:01:55","date_gmt":"2011-06-16T15:01:55","guid":{"rendered":"https:\/\/www.corelan.be\/?p=7093"},"modified":"2026-03-22T10:14:51","modified_gmt":"2026-03-22T09:14:51","slug":"mona-1-0-released","status":"publish","type":"post","link":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/","title":{"rendered":"Mona 1.0 released !"},"content":{"rendered":"<h3>FINALLY !<\/h3>\n<p><a class=\"thickbox\" href=\"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/DSC0651.jpg\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 7px; padding-left: 0px; padding-right: 0px; display: inline; float: left; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"_DSC0651\" border=\"0\" alt=\"_DSC0651\" align=\"left\" src=\"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/DSC0651_thumb.jpg\" width=\"240\" height=\"160\" \/><\/a>     <br \/>After spending almost 5 months of designing, developing and testing, and after 'surviving' 2 presentations (at AthCon and Hack In <a href=\"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/cf6nl.jpg\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 7px; padding-left: 0px; padding-right: 0px; display: inline; float: right; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"cf6nl\" border=\"0\" alt=\"cf6nl\" align=\"right\" src=\"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/cf6nl_thumb.jpg\" width=\"192\" height=\"144\" \/><\/a>Paris), I am extremely excited and proud to present, on behalf of the entire Corelan Team, the general availability of mona.py.<\/p>\n<p>Together with this announcement, we also declare pvefindaddr officially dead from this point forward.<\/p>\n<p>This doesn't mean pvefindaddr is now entirely worthless now, because not all functions have been ported into mona yet.<\/p>\n<p>It simply means we won't be releasing any updates to pvefindaddr anymore and the entire project page\/download page will eventually disappear after all functionality has been ported into mona.<\/p>\n<p>&#160;<\/p>\n<h3>What is mona ?<\/h3>\n<p>For anyone who missed my talks (either at AthCon or Hack In Paris), mona is the long awaited successor to pvefindaddr.&#160; Named after my daughter (I'm sure she's too young to <a class=\"thickbox\" href=\"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/hackinparis_IMG_8830.jpg\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-right-width: 0px; margin: 7px; padding-left: 0px; padding-right: 0px; display: inline; float: right; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px\" title=\"hackinparis_IMG_8830\" border=\"0\" alt=\"hackinparis_IMG_8830\" align=\"right\" src=\"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/hackinparis_IMG_8830_thumb.jpg\" width=\"240\" height=\"180\" \/><\/a>realize or even care at this point), this Immunity Debugger PyCommands introduces a lot of improvements and new features compared to pvefindaddr, including :<\/p>\n<ul>\n<li><font color=\"#ffffff\">Complete overhaul\/rewrite of all search functionality. All searches are now a lot faster (up to 20 times in some cases)<\/font><\/li>\n<li><font color=\"#ffffff\">Better integration with the various functions and classes in the PyCommand. The suggest function will, for example, immediately search for a pointer that should bring you to your payload.<\/font><\/li>\n<li><font color=\"#ffffff\">Major improvements in terms of finetuning searches. You can now specify module critiria (basically including or excluding aslr, rebase, os and\/or safeseh modules from searches), you can specifiy pointer criteria (ascii, asciiprint, unicode, nonull, upper, lower, numeric, etc), and you can even specify a list of badchars (to avoid pointers that contain one of more of those bad chars). This should allow you to treat pointers as data on the stack and apply the same rules as you would when encoding your payload with for instance metaploit msfencode.<\/font><\/li>\n<li><font color=\"#ffffff\">We also implemented a config file. This file allows you to set 2 parameters : &quot;workingfolder&quot;, basically defining where you want the output files to be written to. If you include %p in the path, it will get replaced with the process name at runtime.&#160; A second parameter is &quot;excluded_modues&quot;, which can have a list of modules to exclude from every search operation. (Shell extensions, virtual machine guest addition tools, etc).<\/font><\/li>\n<li><font color=\"#ffffff\">The rop gadget generator was entirely rewritten.&#160; It will still produce a rop.txt file, but it will also create a few more files : rop_suggestions (which will contain categorized gadgets, which based on our own experience, are very likely going to be the ones that&#160; you need when writing a rop exploit), and rop_virtualprotect (which will contain a rop chain... that is, if the rop gadget generator could find a &quot;pickup&quot; pointer and a &quot;pushad&quot; pointer).&#160; It will also allow you to look for stackpivots with a certain minimum and maximum offset value, and on top of that, it will try to locate static\/reliable pointers to pointers to interesting functions in terms of bypassing DEP (VirtualProtect, VIrtualAlloc, etc etc)&#160; In short, yes, mona will do rop automation. I'm sure this is a feature a lot of people in the security community have been wanting for a long time. It's still not perfect in all cases, but it should buy you an awful lot of time already.<\/font> <\/li>\n<\/ul>\n<p>&#160;<\/p>\n<p>Those are just a handful of new features, but there are many more. We will be writing about all of the new features in the near future, and we'll also continue to update our documentation pages to reflect those improvement in days and weeks to come.<\/p>\n<p>We also have some good ideas on additional functionality and extended improvements for version 1.1, so stay tuned.&#160; In the meantime, you can check out the presentation slidedeck (which I used at AthCon and Hack In Paris) at the link below. It should give you a quick overview of what we did and what the results look like.<\/p>\n<p>Download slides <a href=\"https:\/\/www.corelan.be\/public\/presentations\/athcon_hip2011.pdf\" target=\"_blank\">here<\/a>. During the presentation, I used 3 video's. You can find the video's here :<\/p>\n<p>Demo 1 : pvefindaddr suggest : <a href=\"http:\/\/www.youtube.com\/watch?v=JiKyOIS4yx0\">http:\/\/www.youtube.com\/watch?v=JiKyOIS4yx0<\/a><\/p>\n<p>Demo 2 : mona suggest : <a href=\"http:\/\/www.youtube.com\/watch?v=klXFqtYR5Mg\">http:\/\/www.youtube.com\/watch?v=klXFqtYR5Mg<\/a><\/p>\n<p>Demo 3 : Rop automation : <a href=\"http:\/\/www.youtube.com\/watch?v=0rRLcFd6_Jk\">http:\/\/www.youtube.com\/watch?v=0rRLcFd6_Jk<\/a>&#160;<\/p>\n<p>&#160;<\/p>\n<h3>Where to get it ?<\/h3>\n<p>You can find the project page for mona here : <a title=\"http:\/\/redmine.corelan.be\/projects\/mona\" href=\"https:\/\/github.com\/corelan\/mona\">http:\/\/redmine.corelan.be\/projects\/mona<\/a><\/p>\n<p>There are 2 versions of mona : a stable &quot;release'&quot; version and a development &quot;trunk&quot; version. If you want the bleeding edge changes (but take the risk that something is broken), the latter will be the one you would want to download.<\/p>\n<p>Either way, you can use the !mona update function to download the latest version of the corresponding version you have installed on your system)<\/p>\n<p>&#160;<\/p>\n<h3>Corelan Team needs you !<\/h3>\n<p>We have been testing the PyCommand over the last few weeks, but that doesn't mean it's bug free.&#160; If you discover issues or want to suggest new features or improvements, don't hesitate to contact us (peter [dot] ve @ corelan [dot] be).<\/p>\n<h3>Thanks to<\/h3>\n<ul>\n<li>Corelan Team - awesome job guys!<\/li>\n<li>My wife and daughter, for their everlasting love and support<\/li>\n<li>the AthCon and Hack In Paris organization, for giving me the opportunity to do a presentation and show mona to the world.<\/li>\n<li>All friends around the globe<\/li>\n<\/ul>\n<hr \/>\n","protected":false},"excerpt":{"rendered":"<p>FINALLY !<br \/>\nAfter spending almost 6 months of designing, developing and testing, and after 'surviving' 2 presentations (at AthCon and Hack In Paris), I am extremely excited and proud to present, on behalf of the entire Corelan Team, the general availability of mona.py.<\/p>\n<p>With this announcement, we also declare pvefindaddr officially dead from this point forward. (This doesn't mean pvefindaddr is now entirely worthless, because not all functions have been ported into mona yet, but we won't be releasing any updates to pvefindaddr anymore and the entire project page\/download page will eventually disappear)<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[3708,244,245,127,1],"tags":[3733,2802,2339,2331,2128,1977,1933,1817],"class_list":["post-7093","post","type-post","status-publish","format-standard","hentry","category-debugging","category-exploit-writing-tutorials","category-exploits","category-security","category-uncategorized","tag-exploit-development-tutorial","tag-mona-py","tag-rop","tag-gadget","tag-immunity-debugger","tag-pvefindaddr","tag-pycommand","tag-eip"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Mona 1.0 released ! - Corelan | Exploit Development &amp; Vulnerability Research<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mona 1.0 released ! - Corelan | Exploit Development &amp; Vulnerability Research\" \/>\n<meta property=\"og:description\" content=\"FINALLY ! After spending almost 6 months of designing, developing and testing, and after &#039;surviving&#039; 2 presentations (at AthCon and Hack In Paris), I am extremely excited and proud to present, on behalf of the entire Corelan Team, the general availability of mona.py. With this announcement, we also declare pvefindaddr officially dead from this point forward. (This doesn&#039;t mean pvefindaddr is now entirely worthless, because not all functions have been ported into mona yet, but we won&#039;t be releasing any updates to pvefindaddr anymore and the entire project page\/download page will eventually disappear)\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/\" \/>\n<meta property=\"og:site_name\" content=\"Corelan | Exploit Development &amp; Vulnerability Research\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/corelanconsulting\" \/>\n<meta property=\"article:published_time\" content=\"2011-06-16T15:01:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-22T09:14:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/DSC0651_thumb.jpg\" \/>\n<meta name=\"author\" content=\"corelanc0d3r\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@corelanc0d3r\" \/>\n<meta name=\"twitter:site\" content=\"@corelanc0d3r\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"TechArticle\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/\"},\"author\":{\"name\":\"corelanc0d3r\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#\\\/schema\\\/person\\\/3be5542b9b0a0787893db83a5ad68e8f\"},\"headline\":\"Mona 1.0 released !\",\"datePublished\":\"2011-06-16T15:01:55+00:00\",\"dateModified\":\"2026-03-22T09:14:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/\"},\"wordCount\":876,\"publisher\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.corelan.be\\\/wp-content\\\/uploads\\\/2011\\\/06\\\/DSC0651_thumb.jpg\",\"keywords\":[\"exploit development tutorial\",\"mona.py\",\"rop\",\"gadget\",\"immunity debugger\",\"pvefindaddr\",\"pycommand\",\"eip\"],\"articleSection\":[\"Debugging\",\"Exploit Writing Tutorials\",\"Exploits\",\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/\",\"url\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/\",\"name\":\"Mona 1.0 released ! - Corelan | Exploit Development &amp; Vulnerability Research\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.corelan.be\\\/wp-content\\\/uploads\\\/2011\\\/06\\\/DSC0651_thumb.jpg\",\"datePublished\":\"2011-06-16T15:01:55+00:00\",\"dateModified\":\"2026-03-22T09:14:51+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.corelan.be\\\/wp-content\\\/uploads\\\/2011\\\/06\\\/DSC0651_thumb.jpg\",\"contentUrl\":\"https:\\\/\\\/www.corelan.be\\\/wp-content\\\/uploads\\\/2011\\\/06\\\/DSC0651_thumb.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2011\\\/06\\\/16\\\/mona-1-0-released\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.corelan.be\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mona 1.0 released !\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#website\",\"url\":\"https:\\\/\\\/www.corelan.be\\\/\",\"name\":\"Corelan CyberSecurity Research\",\"description\":\"Corelan publishes in-depth tutorials on exploit development, Windows exploitation, vulnerability research, heap internals, reverse engineering and security tooling used by professionals worldwide.\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.corelan.be\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#organization\",\"name\":\"Corelan CyberSecurity Research\",\"url\":\"https:\\\/\\\/www.corelan.be\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.corelan.be\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/corelanlogo2_small-20.png\",\"contentUrl\":\"https:\\\/\\\/www.corelan.be\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/corelanlogo2_small-20.png\",\"width\":200,\"height\":200,\"caption\":\"Corelan CyberSecurity Research\"},\"image\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/corelanconsulting\",\"https:\\\/\\\/x.com\\\/corelanc0d3r\",\"https:\\\/\\\/x.com\\\/corelanconsulting\",\"https:\\\/\\\/instagram.com\\\/corelanconsult\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#\\\/schema\\\/person\\\/3be5542b9b0a0787893db83a5ad68e8f\",\"name\":\"corelanc0d3r\",\"pronouns\":\"he\\\/him\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x\",\"caption\":\"corelanc0d3r\"},\"description\":\"Peter Van Eeckhoutte is the founder of Corelan and a globally recognized expert in exploit development and vulnerability research. With over two decades in IT security, he built Corelan into a respected platform for deep technical research, hands-on training, and knowledge sharing. Known for his influential exploit development tutorials, tools, and real-world training, Peter combines a strong research mindset with a passion for education\u2014helping security professionals understand not just how exploits work, but why.\",\"sameAs\":[\"https:\\\/\\\/www.corelan-training.com\",\"https:\\\/\\\/instagram.com\\\/corelanc0d3r\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/petervaneeckhoutte\\\/\",\"https:\\\/\\\/x.com\\\/corelanc0d3r\"],\"url\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/author\\\/admin0\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Mona 1.0 released ! - Corelan | Exploit Development &amp; Vulnerability Research","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/","og_locale":"en_US","og_type":"article","og_title":"Mona 1.0 released ! - Corelan | Exploit Development &amp; Vulnerability Research","og_description":"FINALLY ! After spending almost 6 months of designing, developing and testing, and after 'surviving' 2 presentations (at AthCon and Hack In Paris), I am extremely excited and proud to present, on behalf of the entire Corelan Team, the general availability of mona.py. With this announcement, we also declare pvefindaddr officially dead from this point forward. (This doesn't mean pvefindaddr is now entirely worthless, because not all functions have been ported into mona yet, but we won't be releasing any updates to pvefindaddr anymore and the entire project page\/download page will eventually disappear)","og_url":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/","og_site_name":"Corelan | Exploit Development &amp; Vulnerability Research","article_publisher":"https:\/\/www.facebook.com\/corelanconsulting","article_published_time":"2011-06-16T15:01:55+00:00","article_modified_time":"2026-03-22T09:14:51+00:00","og_image":[{"url":"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/DSC0651_thumb.jpg","type":"","width":"","height":""}],"author":"corelanc0d3r","twitter_card":"summary_large_image","twitter_creator":"@corelanc0d3r","twitter_site":"@corelanc0d3r","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"TechArticle","@id":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/#article","isPartOf":{"@id":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/"},"author":{"name":"corelanc0d3r","@id":"https:\/\/www.corelan.be\/#\/schema\/person\/3be5542b9b0a0787893db83a5ad68e8f"},"headline":"Mona 1.0 released !","datePublished":"2011-06-16T15:01:55+00:00","dateModified":"2026-03-22T09:14:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/"},"wordCount":876,"publisher":{"@id":"https:\/\/www.corelan.be\/#organization"},"image":{"@id":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/#primaryimage"},"thumbnailUrl":"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/DSC0651_thumb.jpg","keywords":["exploit development tutorial","mona.py","rop","gadget","immunity debugger","pvefindaddr","pycommand","eip"],"articleSection":["Debugging","Exploit Writing Tutorials","Exploits","Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/","url":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/","name":"Mona 1.0 released ! - Corelan | Exploit Development &amp; Vulnerability Research","isPartOf":{"@id":"https:\/\/www.corelan.be\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/#primaryimage"},"image":{"@id":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/#primaryimage"},"thumbnailUrl":"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/DSC0651_thumb.jpg","datePublished":"2011-06-16T15:01:55+00:00","dateModified":"2026-03-22T09:14:51+00:00","breadcrumb":{"@id":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/#primaryimage","url":"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/DSC0651_thumb.jpg","contentUrl":"https:\/\/www.corelan.be\/wp-content\/uploads\/2011\/06\/DSC0651_thumb.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.corelan.be\/index.php\/2011\/06\/16\/mona-1-0-released\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.corelan.be\/"},{"@type":"ListItem","position":2,"name":"Mona 1.0 released !"}]},{"@type":"WebSite","@id":"https:\/\/www.corelan.be\/#website","url":"https:\/\/www.corelan.be\/","name":"Corelan CyberSecurity Research","description":"Corelan publishes in-depth tutorials on exploit development, Windows exploitation, vulnerability research, heap internals, reverse engineering and security tooling used by professionals worldwide.","publisher":{"@id":"https:\/\/www.corelan.be\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.corelan.be\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.corelan.be\/#organization","name":"Corelan CyberSecurity Research","url":"https:\/\/www.corelan.be\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.corelan.be\/#\/schema\/logo\/image\/","url":"https:\/\/www.corelan.be\/wp-content\/uploads\/2026\/03\/corelanlogo2_small-20.png","contentUrl":"https:\/\/www.corelan.be\/wp-content\/uploads\/2026\/03\/corelanlogo2_small-20.png","width":200,"height":200,"caption":"Corelan CyberSecurity Research"},"image":{"@id":"https:\/\/www.corelan.be\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/corelanconsulting","https:\/\/x.com\/corelanc0d3r","https:\/\/x.com\/corelanconsulting","https:\/\/instagram.com\/corelanconsult"]},{"@type":"Person","@id":"https:\/\/www.corelan.be\/#\/schema\/person\/3be5542b9b0a0787893db83a5ad68e8f","name":"corelanc0d3r","pronouns":"he\/him","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x","url":"https:\/\/secure.gravatar.com\/avatar\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x","caption":"corelanc0d3r"},"description":"Peter Van Eeckhoutte is the founder of Corelan and a globally recognized expert in exploit development and vulnerability research. With over two decades in IT security, he built Corelan into a respected platform for deep technical research, hands-on training, and knowledge sharing. Known for his influential exploit development tutorials, tools, and real-world training, Peter combines a strong research mindset with a passion for education\u2014helping security professionals understand not just how exploits work, but why.","sameAs":["https:\/\/www.corelan-training.com","https:\/\/instagram.com\/corelanc0d3r","https:\/\/www.linkedin.com\/in\/petervaneeckhoutte\/","https:\/\/x.com\/corelanc0d3r"],"url":"https:\/\/www.corelan.be\/index.php\/author\/admin0\/"}]}},"views":23635,"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts\/7093","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/comments?post=7093"}],"version-history":[{"count":1,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts\/7093\/revisions"}],"predecessor-version":[{"id":17268,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts\/7093\/revisions\/17268"}],"wp:attachment":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/media?parent=7093"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/categories?post=7093"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/tags?post=7093"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}