Exploit development

In this post I just post some useful links for people who just start studding/working with exploits development.

mona.py – the manual <- Higthly recommended tool

First: Exploit Writing Tutorials by corelanc0d3r.

1. Exploit writing tutorial part 1 : Stack Based Overflows
2. Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode
3. Exploit writing tutorial part 3 : SEH Based Exploits
4. Exploit writing tutorial part 3b : SEH Based Exploits – just another example
5. Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics
6. Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development
7. Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR
8. Exploit writing tutorial part 7 : Unicode – from 0×00410041 to calc
9. Exploit writing tutorial part 8 : Win32 Egg Hunting
10. Exploit writing tutorial part 9 : Introduction to Win32 shellcoding
11. Exploit writing tutorial part 10 : Chaining DEP with ROP – the Rubik’s[TM] Cube
12. Starting to write Immunity Debugger PyCommands : my cheatsheet

Second: SecurityTube Exploit Research megaprimer.

1. Exploit Research Megaprimer Part 1 Topic Introduction By Vivek
2. Exploit Research Megaprimer Part 2 Memcpy Buffer Overflow
3. Exploit Research Megaprimer Part 3 Strcpy Buffer Overflow
4. Exploit Research Megaprimer Part 4 Minishare Buffer Overflow
5. Exploit Research Megaprimer Part 5 Freesshd Buffer Overflow
6. Exploit Research Megaprimer Part 6 Seh Basics
7. Exploit Research Megaprimer Part 7 Overwrite Seh
8. Exploit Research Megaprimer Part 8 Exploiting Seh
9. Exploit Research Megaprimer Part 9 Guest Lecture By Andrew King
10. Binary Diffing Microsoft Patches

Third: Heap Overflow: For Humans + Vulnerability and Heap Internals Explained

Fourth: ARM exploitation

Fifth: Many interesting videos related with exploit development


Soon this post will be updated.