API tools faq
paste
Advertisement
Guest User

Vulnerability Research Engineering Bookmarks Collection v1.0

a guest
Jul 24th, 2017
3,215
1
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.84 KB | None | 1 0
raw download clone embed print report
  1. Vulnerability Research Engineering Bookmarks Collection v1.0
  2.  
  3. Hope this is useful for any vuln research/exploit dev anons out there. Good luck on your journey!
  4.  
  5. Binary Exploitation
  6. ==================================================================================================
  7. https://www.corelan.be/index.php/category/security/exploit-writing-tutorials/
  8. https://www.fuzzysecurity.com/tutorials.html
  9. https://trailofbits.github.io/ctf/
  10. https://github.com/advanced-threat-research/firmware-security-training
  11. https://blogs.oracle.com/ksplice/hello-from-a-libc-free-world-part-1
  12. https://samdb.xyz/windows-kernel-exploitation/
  13. http://rh0dev.github.io/blog/2017/the-return-of-the-jit/
  14. https://blogs.technet.microsoft.com/srd/2017/07/13/eternal-synergy-exploit-analysis/
  15. https://securedorg.github.io/RE101/
  16. https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash
  17. http://blog.deniable.org/blog/2017/07/16/inject-all-the-things/
  18. http://octopuslabs.io/legend/blog/sample-page.html
  19. https://redr2e.com/cve-to-poc-cve-2017-0059/
  20. https://azeria-labs.com/writing-arm-shellcode/
  21. http://blog.talosintelligence.com/2009/07/how-do-i-become-ninja.html
  22. http://www.safemode.org/files/zillion/shellcode/doc/Writing_shellcode.html
  23. http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
  24. https://www.cs.cmu.edu/~213/schedule.html
  25. https://github.com/lieanu/it-sec-catalog/blob/master/Exploitation.md
  26. http://opensecuritytraining.info/Exploits1.html
  27. http://opensecuritytraining.info/Exploits2.html
  28. http://opensecuritytraining.info/Rootkits.html
  29. https://wikileaks.org/ciav7p1/cms/files/NOD%20Cryptographic%20Requirements%20v1.1%20SECRET.pdf
  30. https://wikileaks.org/ciav7p1/cms/files/Persisted-DLL-Spec-v2-SECRET.pdf
  31. https://wikileaks.org/ciav7p1/cms/files/ICE-Spec-v3-final-SECRET.pdf
  32. https://wikileaks.org/ciav7p1/cms/files/Fire%20&%20Forget%20Spec.pdf
  33. https://wikileaks.org/ciav7p1/cms/files/Kernel-Execution-Spec-v1-SECRET.pdf
  34. https://wikileaks.org/ciav7p1/cms/page_14587109.html
  35. https://github.com/x0rz/EQGRP
  36.  
  37. Vulnerability Research/Discovery
  38. ==================================================================================================
  39. https://googleprojectzero.blogspot.ca/2016/06/how-to-compromise-enterprise-endpoint.html
  40. https://googleprojectzero.blogspot.ca/2015/09/kaspersky-mo-unpackers-mo-problems.html
  41. https://foxglovesecurity.com/2016/03/15/fuzzing-workflows-a-fuzz-job-from-start-to-finish/
  42. https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/
  43. http://www.flinkd.org/fuzzing-with-peach-part-1/
  44. https://deepspec.org/page/SF/
  45. https://yurichev.com/writings/SAT_SMT_draft-EN.pdf
  46. http://queue.acm.org/detail.cfm?id=2094081
  47. https://lcamtuf.blogspot.ca/2015/08/understanding-process-of-finding.html
  48. https://lcamtuf.blogspot.ca/2016/02/say-hello-to-afl-analyze.html
  49. https://josephg.com/blog/bug-hunting-with-american-fuzzy-lop/
  50. https://github.com/ThalesIgnite/afl-training
  51. https://nebelwelt.net/publications/files/1330c3-presentation.pdf
  52. https://github.com/Microsoft/MSRC-Security-Research
  53.  
  54. Resource Lists
  55. ==================================================================================================
  56. https://github.com/Hack-with-Github/Awesome-Hacking
  57. https://github.com/rmusser01/Infosec_Reference
  58. https://github.com/danielmiessler/SecLists
  59. https://github.com/FabioBaroni/awesome-exploit-development
  60. https://github.com/enddo/awesome-windows-exploitation
  61. http://www.pentest.guru/index.php/2016/01/28/best-books-tutorials-and-courses-to-learn-about-exploit-development/
  62.  
  63. Security Tools
  64. ==================================================================================================
  65. https://www.zynamics.com/bindiff.html
  66. https://github.com/longld/peda
  67. http://honggfuzz.com/
  68. https://talosintelligence.com/pyrebox
  69. http://amanda.secured.org/tools/
  70. http://angr.io/
  71. https://blog.trailofbits.com/2017/04/27/manticore-symbolic-execution-for-humans/
  72. https://github.com/aoh/radamsa
  73. https://github.com/joxeankoret/nightmare
  74. https://github.com/Z3Prover/z3/wiki
  75. https://github.com/OpenRCE/paimei
  76. https://github.com/cea-sec/miasm
  77. https://github.com/sashs/Ropper
  78. https://github.com/Veil-Framework/Veil
  79.  
  80. Pwnables
  81. ==================================================================================================
  82. https://exploit-exercises.com/
  83. https://www.hackthebox.eu/en
  84. https://www.vulnhub.com/
  85. https://microcorruption.com/login
  86. https://picoctf.com/
  87. http://play.plaidctf.com/
  88. http://ghostintheshellcode.com/
  89. https://ringzer0team.com/
  90. https://backdoor.sdslabs.co/
  91.  
  92. Career
  93. ==================================================================================================
  94. https://lcamtuf.blogspot.ca/2016/08/so-you-want-to-work-in-security-but-are.html
  95. https://medium.freecodecamp.org/so-you-want-to-work-in-security-bc6c10157d23
  96. https://noncombatant.org/2016/06/20/get-into-security-engineering/
  97. http://www.catb.org/esr/faqs/hacker-howto.html
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!