LOL-Fav

Thanks to the internet!

Com-Sys

Linux Internals

Misc. Internals

  1. C Function Calls Convention on the Stack
  2. The Anatomy of an Executable
  3. Introducing Character Sets & Encoding
  4. An Introduction to Writing System & Unicode

Many But Finite – Computer System Series

Operating System

Assembly

  1. x86 nasm Assembly Quick Reference
  2. Intel Pentium Instruction Set
  3. Win32 Assembly
  4. cgasm – Offline Assembly Documentation
  5. x86 Op Code & Instruction Reference
  6. Linux System Call Table
  7. Linux Sys Call Ref
  8. NASM Tutorial

Debugging

  1. Getting Started with windbg ( User mode )
  2. Getting Started with windbg ( Kernel mode )
  3. Getting Started with windbg #1
  4. Getting Started with windbg #2
  5. Getting Started with windbg #3
  6. GDB Command Reference

[ Videos ]

  1. Debug : The Secret Lives of Debuggers


Rev-Eng

[ Workshops ] Reverse Engineering Workshops Collection

  1. Nnamon’s Reverse Engineering & Exploitation Workshop
  2. Reverse Engineering Workshop – Sprout 2018
  3. Reversing Workshop : Solving Flare-on 2016
  4. Reverse Engineering Malware 101 – Malware Unicorn

Exp-Dev

[ Series ] Security Sift’s Windows Exploitation Blog Posts

  1. Basics
  2. Introduction to Stack Overflow
  3. Changing offsets & Rebased modules
  4. Locating shellcode jump
  5. Locating shellcode Egg hunting
  6. SEH exploits
  7. Unicode Buffer Overflows

[ Series ] Corelan.be Windows Exploit Development blog posts

  1. https://www.corelan.be/index.php/articles/ ( Windows )
  2. https://www.corelan.be/index.php/forum/exploit-writing-tutorials-linux/ ( Linux )

[ Series ] Sploitfun Linux Exploitation Tutorials Series

  1. Classic Stack Based Buffer Overflow
  2. Integer Overflow
  3. Off-by-One Stack Based
  4. Bypassing NX using return to libc
  5. Bypassing NX using chained return to libc
  6. Bypassing ASLR using return to PLT
  7. Bypassing ASLR using Bruteforce
  8. Bypassing ASLR using GOT Overwrite and GOT Dereference
  9. Understanding glibc malloc()
  10. Heap Overflow using unlink()
  11. Heap Overflow using Malloc Maleficarum
  12. Off-by-one Heap Based
  13. Use After Free

[ Series ] Dhaval Kapil’s Linux Exploitation Tutorials

  1. Buffer Overflow Exploit
  2. Shellcode Injection
  3. Heap Exploitation Book

[ Series ] The Amazing King – Windows Exploitation Tutorials

  1. Overview
  2. Stack Corruption for newbies
  3. EIP Redirection
  4. Executing Arbitrary Code
  5. SFP overwrite
  6. Format Strings Bug

[ Series ] The Grey Corner Windows Exploitation Tutorials

  1. Simple Stack based BoF Tutorial for vulnerable server
  2. SEH based BoF Tutorial for vulnerable server
  3. Egg Hunter based Exploit for vulnerable server
  4. Restricted Character Set exploit for vulnerable server

[ Series ] Fuzzy Security’s Windows + Linux exploitation Tutorials

  1. http://www.fuzzysecurity.com/tutorials.html

[ Series ] Azeria Labs for ARM Exploitation

  1. https://azeria-labs.com/

[ Series ] GB_Master’s x86 Exploitation Tutorials

  1. Assembly 101 – Part 1 – Basic
  2. Assembly 101 – Part 2 – Conditional jumps , Logic and Shifting
  3. Assembly 101 – Part 3 – Multiplications , Repetition and Switches
  4. Exploitation 101 – Part 1 – Stack gets over its Head
  5. Exploitation 101 – Part 2 – Born in a Shell
  6. Exploitation 101 – Part 3 – Heap Overflow , Unlink me , would you please?
  7. Exploitation 101 – Part 4 – First Witchy House
  8. Exploitation 101 – Part 5 – House of Mind : Undead and Loving it
  9. Exploitation 101 – Part 6 – House of Force : Jedi Overflow
  10. Exploitation 101 – Part 7 – House of Lore : People and Traditions
  11. Exploitation 101 – Part 8 – House of Spirit : Friendly Stack Overflow
  12. Exploitation 101 – Part 9 – Off-by-One and Uninvited friend joins the Party
  13. Exploitation 101 – Part 10 – Integer Overflow : Adding one more ….AAAAAAnd it’s gone
  14. Exploitation 101 – Part 11 – Format Strings : I will tell ya what to say

[ Series ] Metasploit Unleashed – Exploit Development

  1. Exploit Module Format
  2. Exploit Mixins
  3. Exploit Targets
  4. Exploit Payloads
  5. Getting Shell

[ Tutorials ] Exploit Dev Tutorials from multiple resources

  1. Stack : BoF with edb-debugger
  2. Stack : Stack Based Overflow on x64 Linux
  3. Stack : Binary Exploitation ELI5 – ( Part 1 / Part 2 )
  4. Shellcode : Shellcoding for Windows & Linux
  5. Shellcode : Understanding Shellcode : Reverse Shell
  6. Shellcode : How to write an egg hunter shellcode
  7. Shellcode : Shellcode Debugging with OllyDbg
  8. Shellcode : Shellcode without Socket
  9. Shellcode : Shellcode Obfuscation #1
  10. Shellcode : Shellcode Obfuscation #2
  11. Binary : GOT & PLT for Pwning
  12. Binary : What are the GOT & PLT – part 1
  13. Binary : CPU , Memory and Buffer Overflow
  14. Mitigation : Bypass ASLR + NX ( Part 1 , Part 2 )
  15. Mitigation : New bypass & Protection Techniques for ASLR on Linux
  16. Mitigation : Return to PLT , GOT to bypass ASLR remotely
  17. Mitigation : Return to libc on Modern 32 bit and 64 bit Linux
  18. Mitigation : Make Stack Executable Again
  19. Mitigation : Can we bruteforce ASLR?
  20. Mitigation : ROPping to Victory – Radare2 + pwntools ( Part 1 )
  21. Mitigation : ROPping to Victory – Split ( Part 2 )
  22. Mitigation : ROPping to Victory – Call me may be ( Part 3 )
  23. Mitigation : Introduction to Return-Oriented Programming ( ROP )
  24. Mitigation : Introduction to ROP
  25. Mitigation : x64 Bit Linux ROP
  26. Mitigation : Return to LibC without function calls
  27. Mitigation : x86 / x64 BoF Exploits & Borrowed code chunks exploitation techniques
  28. Mitigation : Defeating DEP – The Immunity Debugger way
  29. Mitigation : Blind ROP ( BROP ) Lab / Paper
  30. Mitigation : Advanced Buffer Overflow Method
  31. Mitigation : Exploiting the Random Number Generator – ASLR Bypass
  32. Mitigation : Fun with Info Leaks ( DEP + ASLR Bypass )
  33. Mitigation : Bypassing Memory Protections – The Future of Exploitation
  34. Format Strings : GOT overwrite to change control flow remotely on ASLR
  35. Format Strings : Defeating Stack Canary, NX and ASLR remotely on 64 bit
  36. Format Strings : Exploiting Format String Vulnerabilities
  37. Format Strings : Exploiting Format String – Getting the shell
  38. Format Strings : Maximum Over-kill Two – from Format String to RCE
  39. Heap : Exim Off-by-one RCE – Exploiting CVE 2018-6789 with full mitigations bypass
  40. Heap : CVE 2018-6789 Walkthrough
  41. Heap : Road to Exim RCE – Abusing unsafe memory allocator in the most popular MTA
  42. Heap : From heap to RIP
  43. Heap : GlibC malloc() for Exploiters / (Markdown Version)
  44. Heap : heapwn – Collection of Heap pwnables binaries
  45. Heap : how2heap – Educational Heap Exploitation Collection
  46. Heap : ptmalloc fanzine – Heap Meta-data Corruption Series
  47. Heap : Play with file structures – Yet another Binary exploit technique
  48. Heap : Exploiting the wilderness
  49. Heap : Heap Feng Shui in JavaScript
  50. Heap : Project HeartBleed
  51. Heap : An Introduction to Use-After-Free
  52. Heap : Walking Heap using Py-dbg
  53. Null-ptr Def : Large Memory Management Vulnerabilities

[ PDF ] Binary Exploitation Papers and Slides

  1. Slide : Linux Interactive Exploit Development with GDB & Peda
  2. Slide : Understanding Heap by breaking it
  3. Book : Hakin9 – Build your own exploits

[ Videos ] Collection of Binary Exploitation random videos

  1. Exploit Tips & Techniques
  2. 23c3 : Unusual Bugs
  3. ASLR Bypass – Bruteforce
  4. ASLR Bypass – Ret2esp
  5. ASLR Bypass – Ret2reg

[ Tools ] Collection of Binary Exploitation Tools

  1. Heap : libheap – Python library to examine ptmalloc
  2. Heap : heap-viewer – IDA plugin to examine the heap
  3. Heap : GEF Heap Exploitation Tools
  4. Debug : Dr Memory – Memory Debugger for Linux , Windows , Mac , Android
  5. Debug : GDB Peda
  6. Debug : Pwndbg
  7. Debug : GEF – Gdb Enhanced Features
  8. Playground : Old Vulnerable App
  9. Playground : Pwnable.tw
  10. Playground : XiphosResearch’s POC exploits
  11. Playground : Exploit-db
  12. Playground : exploit-me ARM Lab
  13. Shellcode : Shellcode Database
  14. Shellcode : Sickle Shellcode Development Tool
  15. Shellcode : shellnoob – Writing Shellcode
  16. Shellcode : shelllen – Interactive Shellcoding Environment

[ Workshops ] Binary Exploitation Workshops Collection

  1. Hardenedlinux’s Linux Exploit Development ( Chinese )
  2. Hardenedlinux’s Kernel Mitigation 101 ( Chinese )
  3. C/C++ – Stack Based Buffer Overflow Hands-on
  4. Blackhoodie-2018 Linux Binary Exploitation Workshop
  5. Nnamon’s Linux Binary Exploitation Workshop
  6. Nnamon’s Practical Ret 2 Libc Workshop
  7. r0hi7’s BinExp – Linux Exploitation Workshop
  8. ARM – BsidesMunich2018 Workshop
  9. Billy-Ellis ARM Exploitation Challenges
  10. ARMPwn – Learn Memory Corruption on ARM
  11. BinTut – Live Demonstration of Memory Corruption Exploitation
  12. ROP Emporium – Teaching ROP Exploitation Techniques
  13. Smashing the Browser – Discover Vuln to Exploit
  14. Awesome-Browser-Exploits
  15. Yookiterm’s Exploitation Course ( Slides / Challenges / Challenge Files / Solutions )
  16. DC416 : Introduction to x64 Linux Exploit ( Slides / Vuln03 solution )
  17. Sam Bowne’s Exploit Development for Beginners Workshop [ BoF without shellcode , 64bit Overflow , Linux BoF with shellcode , Metasploit shellcode practice ]

[ Fuzzing ] Collections of Fuzzing Resources

  1. Tutorial : An Introduction to Fuzzing
  2. Tutorial : An introduction to fuzzing – Automated security testing approach
  3. Tutorial : The art of Fuzzing – Slides & Demos
  4. Tutorial : Hack the Hacker : Fuzzing Mimikatz on Windows with WinAFL & Heatmaps
  5. Tutorial : Fuzzing Arbitrary Functions in ELF Binaries
  6. Tutorial : A year of windows kernel font fuzzing #1 – result by Project Zero
  7. Tutorial : A year of windows kernel font fuzzing #2 – techniques by Project Zero
  8. Tutorial : Fuzzing workflow – A fuzz job from start to finish
  9. Tutorial : 15 mins Guide to Fuzzing by MWR
  10. Tutorial : Simple Fuzzing with zzuf #1 by fuzzing-project
  11. Tutorial : Find more Bug with Address Sanitizer #2 by fuzzing-project
  12. Tutorial : Instrumented Fuzzing with American Fuzzy Lop #3 by fuzzing-project
  13. Tutorial : Know your CFLAGS – Tips to find bug with compiler features by fuzzing-project
  14. Tutorial : Disabling Custom Memory Allocators by fuzzing-project
  15. Tutorial : Libfuzzer Tutorial
  16. Tutorial : How Heartbleed could have been found
  17. Tutorial : Compiler Fuzzing #1
  18. Tutorial : FFmpeg and a thousand fixes
  19. Tutorial : Introducing jsfunfuzz
  20. Tutorial : 7 Tips to consider before fuzzing Open source Large Project
  21. AFL : Basic Usage of AFL with realworld examples
  22. AFL : Advanced AFL usage with realworld examples – preeny and dictionaries
  23. AFL : Advanced AFL usage with realworld examples – Persistent mode
  24. AFL : More advanced AFL usage with realworld examples – fuzzing libraries
  25. AFL : A Gentle Introduction to fuzzing C++ code with AFL & libfuzzer
  26. AFL : Fuzzing openSSH daemon using AFL
  27. AFL : Fuzzing Capstone using AFL
  28. AFL : RAM , Disks and saving your SSD from AFL fuzzing
  29. AFL : Bug Hunting with American Fuzzy Lop
  30. AFL : Segfaulting Python with afl-fuzz
  31. AFL : How to fuzz a server with AFL
  32. AFL : Fuzzing Projects with American Fuzzy Lop
  33. Peach : Peach Tutorials
  34. Peach : Fuzzing with Peach #1
  35. Peach : Fuzzing with Peach #2
  36. Video : Fuzzing 101 from Hack-Night
  37. Video : Fuzzing Lecture #1 from W. Owen Redwood
  38. Video : Fuzzing Lecture #2 from W. Owen Redwood
  39. Video : Fuzzing Lecture from Free Software Security Course
  40. PDF : The Evolving Art of Fuzzing
  41. PDF : Automated Whitebox Fuzz Testing
  42. PDF : How Hackers Look for Bugs
  43. PDF : Real World Fuzzing
  44. PDF : Effective Bug Discovery
  45. PDF : Effective File Format Fuzzing
  46. PDF : Fuzzing Frameworks
  47. PDF : Fuzzing for fun & for $$$$
  48. PDF : MBFuzzer – MITM Fuzzing for Mobile Applications
  49. PDF : The Art of File Format Fuzzing
  50. PDF : Wifi – Advanced Fuzzing
  51. PDF : Analysis of Mutation & Generation-Based Fuzzing
  52. PDF : Introducing Sulley fuzzing framework
  53. PDF : Grammar-based White Box Fuzzing
  54. PDF : zzuf – Multi purpose fuzzer
  55. PDF : CS558 – Fuzzing Lab
  56. Blog : Fuzzing Blog #1
  57. Blog : Fuzzing Blog #2
  58. Blog : Fuzzing Blog #3
  59. Lab : From fuzzing to zero day
  60. Lab : A Practical Example ( AFL vs Binutils )
  61. Lab : AFL Training Workshop
  62. Lab : libfuzzer Training Workshop
  63. Lab : Fuzzing with spike
  64. Lab : Fuzzing with Failure Observation Engine
  65. Lab : FuzzGoat – Vulnerable C Program for Testing Fuzzers

[ Kernel ] Collections of Kernel Exploitation

  1. Linux : Linux Kernel Exploit – Environment
  2. Linux : Linux Kernel Exploit – Stack Smashing
  3. Linux : Linux Kernel Exploit – Null Dereference
  4. Linux : Kernel Driver : mmap handler exploitation
  5. Windows : Setting up a Windows VM lab for Kernel Debugging
  6. Windows : A primer to Windows x64 Shellcoding
  7. Windows : First exploit in Windows Kernel ( HEVD )
  8. Windows : Arbitrary write Primitive on Windows Kernel ( HEVD )

[ Forum ] 0x00sec’s Exploit Development Discussions

  1. https://0x00sec.org/c/exploit-development

[ Issues ] Phrack’s issues for Exploit Development

  1. Smashing the Stack for Fun & Profit
  2. Weakening the Linux Kernel
  3. Frame Pointer Overwriting
  4. Bypassing Stack Guard & Stack Shield
  5. Shared Library redirection via ELF PLT infection
  6. Smashing C++ VPTRs
  7. Backdooring Binary Objects
  8. Introduction to PAM
  9. Exploiting Non-Adjacent Memory Spaces
  10. Writing MIPS/Irix Shellcode
  11. IA64 Shellcode
  12. Vudo Malloc Tricks
  13. Once upon a free()
  14. Architecture Spanning Shellcode
  15. Writing ia32 Alphanumeric Shellcodes
  16. Advanced return-to-libc exploits (PaX Case Study )
  17. Runtime Binary Encryption
  18. Advances in Kernel Hacking
  19. Linux on the fly kernel patching without LKM
  20. Linux x86 Kernel function hooking emulation
  21. Developing Strong ARM Linux Shellcode
  22. HP-UX (PA-RISC 1.1) Overflows
  23. Handling the Interrupt Descriptor Table
  24. Advances in kernel hacking II
  25. Advances in format string exploitation
  26. Runtime process infection
  27. Bypassing PaX ASLR protection
  28. Building ptrace injecting shellcodes
  29. Linux/390 shellcode development
  30. Playing with Windows /dev/(k)mem
  31. Smashing The Kernel Stack For Fun And Profit
  32. Burning the bridge: Cisco IOS exploits
  33. Static Kernel Patching
  34. Big Loop Integer Protection
  35. Basic Integer Overflows
  36. Advanced Doug Lea’s malloc exploits
  37. Hijacking Linux Page Fault Handler
  38. The Cerberus ELF interface
  39. Polymorphic Shellcode Engine
  40. Infecting Loadable Kernel Modules
  41. Building IA32 ‘Unicode-Proof’ Shellcodes
  42. Hacking the Linux Kernel Network Stack
  43. Kernel Rootkit Experiences & the Future
  44. Bypassing Win BO Protection
  45. Kernel Mode Backdoor for NT
  46. Advances in Windows Shellcode
  47. UTF8 Shellcode
  48. Attacking Apache Modules
  49. Win32 Portable Userland Rootkit
  50. Bypassing Windows Personal FW’s
  51. OSX heap exploitation techniques
  52. Games with kernel Memory…FreeBSD Style
  53. Embedded ELF Debugging
  54. Hacking Grub for Fun & Profit
  55. Shifting the Stack Pointer
  56. PowerPC Cracking on OSX with GDB
  57. Attacking the Core: Kernel Exploitation Notes
  58. Mac OS X Wars – A XNU Hope
  59. Hacking deeper in the system
  60. Abusing the Objective C runtime
  61. Backdooring Juniper Firewalls
  62. Exploiting DLmalloc frees in 2009
  63. Exploiting UMA : FreeBSD kernel heap exploits
  64. Malloc Des-Maleficarum
  65. Alphanumeric RISC ARM Shellcode
  66. Power cell buffer overflow
  67. Binary Mangling with Radare
  68. Linux Kernel Heap Tampering Detection
  69. Kernel instrumentation using kprobes
  70. ProFTPD with mod_sql pre-authentication, remote root
  71. The House Of Lore: Reloaded ptmalloc v2 & v3: Analysis & Corruption
  72. A Eulogy for Format Strings
  73. Dynamic Program Analysis and Software Exploitation
  74. Exploiting Memory Corruptions in Fortran Programs Under Unix/VMS
  75. Scraps of notes on remote stack overflow exploitation
  76. Android Kernel Rootkit
  77. Pseudomonarchia jemallocum
  78. Infecting loadable kernel modules: kernel versions 2.6.x/3.0.x
  79. The Art of Exploitation: MS IIS 7.5 Remote Heap Overflow
  80. The Art of Exploitation: Exploiting VLC, a jemalloc case study
  81. Modern Objective-C Exploitation Techniques


Practice

Offline Labs

Online Labs

Vulnerable Machines

Wiki

Write-ups

Tools

Building Pentest Labs

Security Open Courseware

  1. Learning Computer Security and Ethical Hacking
  2. Computer and Network Security – CNS
  3. CSE 484 : Computer Security
  4. CS 527 : Software Security
  5. PA 193 : Secure Coding Principles and Practices
  6. CNIT 127 : Exploit Development
  7. CNIT 40 : DNS Security
  8. CNIT 152 : Incident Response
  9. CNIT 126 : Practical Malware Analysis
  10. CNIT 123 : Ethical Hacking and Network Defense
  11. CNIT 124 : Advanced Ethical Hacking
  12. CNIT 128 : Hacking Mobile Devices
  13. CNIT 129S : Securing Web Applications
  14. CNIT 141 : Cryptography for Computer Networks
  15. Open Security Training Courses
     • Videos , Codes , Slides , Labs VM
     • http://opensecuritytraining.info/Training.html
     • Android , CISSP , Network Hunting , Hacking techniques & Intrusion detection , x86 / x64 Assembly , ARM , Cellular , Network forensics , Secure coding , Vulnerability assessment , web , pcap analysis , Linux & Windows exploits , Reverse engineering , Rootkits , Malware Analysis , Keylogging
  16. SIL 765 : Network & System Security
  17. CS260 : Binary Analysis for Computer Security
  18. Live Overflow Channel
  19. Modern Binary Exploitation Course
  20. W. Owen Redwood’s Hack All The Things
  21. NYU Tandon’s OSIRIS’s Hack-Night
  22. Hackers Hut

And-Sec

Resources

Tutorials

Tools

Unsorted

  • Hacking Zines
  • https://github.com/michalmalik/linux-re-101 – Linux RE 101
  • https://github.com/praetorian-inc/DVRF – Router Firmware
  • https://github.com/sagishahar/lpeworkshop – LPE workshop
  • https://github.com/trustedsec/ptf – Penetration Testing Framework
  • fastandeasyhacking.com – Armitage

Linux enum

  • https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
  • https://github.com/rebootuser/LinEnum