Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Vulnerability Research Engineering Bookmarks Collection v1.0
- Hope this is useful for any vuln research/exploit dev anons out there. Good luck on your journey!
- Binary Exploitation
- ==================================================================================================
- https://www.corelan.be/index.php/category/security/exploit-writing-tutorials/
- https://www.fuzzysecurity.com/tutorials.html
- https://trailofbits.github.io/ctf/
- https://github.com/advanced-threat-research/firmware-security-training
- https://blogs.oracle.com/ksplice/hello-from-a-libc-free-world-part-1
- https://samdb.xyz/windows-kernel-exploitation/
- http://rh0dev.github.io/blog/2017/the-return-of-the-jit/
- https://blogs.technet.microsoft.com/srd/2017/07/13/eternal-synergy-exploit-analysis/
- https://securedorg.github.io/RE101/
- https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash
- http://blog.deniable.org/blog/2017/07/16/inject-all-the-things/
- http://octopuslabs.io/legend/blog/sample-page.html
- https://redr2e.com/cve-to-poc-cve-2017-0059/
- https://azeria-labs.com/writing-arm-shellcode/
- http://blog.talosintelligence.com/2009/07/how-do-i-become-ninja.html
- http://www.safemode.org/files/zillion/shellcode/doc/Writing_shellcode.html
- http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
- https://www.cs.cmu.edu/~213/schedule.html
- https://github.com/lieanu/it-sec-catalog/blob/master/Exploitation.md
- http://opensecuritytraining.info/Exploits1.html
- http://opensecuritytraining.info/Exploits2.html
- http://opensecuritytraining.info/Rootkits.html
- https://wikileaks.org/ciav7p1/cms/files/NOD%20Cryptographic%20Requirements%20v1.1%20SECRET.pdf
- https://wikileaks.org/ciav7p1/cms/files/Persisted-DLL-Spec-v2-SECRET.pdf
- https://wikileaks.org/ciav7p1/cms/files/ICE-Spec-v3-final-SECRET.pdf
- https://wikileaks.org/ciav7p1/cms/files/Fire%20&%20Forget%20Spec.pdf
- https://wikileaks.org/ciav7p1/cms/files/Kernel-Execution-Spec-v1-SECRET.pdf
- https://wikileaks.org/ciav7p1/cms/page_14587109.html
- https://github.com/x0rz/EQGRP
- Vulnerability Research/Discovery
- ==================================================================================================
- https://googleprojectzero.blogspot.ca/2016/06/how-to-compromise-enterprise-endpoint.html
- https://googleprojectzero.blogspot.ca/2015/09/kaspersky-mo-unpackers-mo-problems.html
- https://foxglovesecurity.com/2016/03/15/fuzzing-workflows-a-fuzz-job-from-start-to-finish/
- https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/
- http://www.flinkd.org/fuzzing-with-peach-part-1/
- https://deepspec.org/page/SF/
- https://yurichev.com/writings/SAT_SMT_draft-EN.pdf
- http://queue.acm.org/detail.cfm?id=2094081
- https://lcamtuf.blogspot.ca/2015/08/understanding-process-of-finding.html
- https://lcamtuf.blogspot.ca/2016/02/say-hello-to-afl-analyze.html
- https://josephg.com/blog/bug-hunting-with-american-fuzzy-lop/
- https://github.com/ThalesIgnite/afl-training
- https://nebelwelt.net/publications/files/1330c3-presentation.pdf
- https://github.com/Microsoft/MSRC-Security-Research
- Resource Lists
- ==================================================================================================
- https://github.com/Hack-with-Github/Awesome-Hacking
- https://github.com/rmusser01/Infosec_Reference
- https://github.com/danielmiessler/SecLists
- https://github.com/FabioBaroni/awesome-exploit-development
- https://github.com/enddo/awesome-windows-exploitation
- http://www.pentest.guru/index.php/2016/01/28/best-books-tutorials-and-courses-to-learn-about-exploit-development/
- Security Tools
- ==================================================================================================
- https://www.zynamics.com/bindiff.html
- https://github.com/longld/peda
- http://honggfuzz.com/
- https://talosintelligence.com/pyrebox
- http://amanda.secured.org/tools/
- http://angr.io/
- https://blog.trailofbits.com/2017/04/27/manticore-symbolic-execution-for-humans/
- https://github.com/aoh/radamsa
- https://github.com/joxeankoret/nightmare
- https://github.com/Z3Prover/z3/wiki
- https://github.com/OpenRCE/paimei
- https://github.com/cea-sec/miasm
- https://github.com/sashs/Ropper
- https://github.com/Veil-Framework/Veil
- Pwnables
- ==================================================================================================
- https://exploit-exercises.com/
- https://www.hackthebox.eu/en
- https://www.vulnhub.com/
- https://microcorruption.com/login
- https://picoctf.com/
- http://play.plaidctf.com/
- http://ghostintheshellcode.com/
- https://ringzer0team.com/
- https://backdoor.sdslabs.co/
- Career
- ==================================================================================================
- https://lcamtuf.blogspot.ca/2016/08/so-you-want-to-work-in-security-but-are.html
- https://medium.freecodecamp.org/so-you-want-to-work-in-security-bc6c10157d23
- https://noncombatant.org/2016/06/20/get-into-security-engineering/
- http://www.catb.org/esr/faqs/hacker-howto.html
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement