Skip to content

Files

Latest commit

 

History

History
74 lines (50 loc) · 5 KB

README.md

File metadata and controls

74 lines (50 loc) · 5 KB

OSCE Preparation

This repo contains a resources that should be followed step by step during the OSCE preperation.

Please do NOT hesitate to create an issue in order to add resource to the list.

Getting Familiar with Assembly Language

BOOK : Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315

Videos : x86 Assembly Language and Shellcoding on Linux https://www.pentesteracademy.com/course?id=3

Another Video : Reverse Engineering Win32 Applications Course Videos https://www.pentesteracademy.com/course?id=41

Corelan.be Exploit Development Articles

One of the greatest resource about getting started with buffer overflows.

  1. Corelan.be BOF - 0x01 |  Exploit writing tutorial part 1 : Stack Based Overflows

  2. Corelan.be BOF - 0x02 |  Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode

  3. Corelan.be BOF - 0x03 | Exploit writing tutorial part 3 : SEH Based Exploits

  4. Corelan.be BOF - 0x04 | Exploit writing tutorial part 3b : SEH Based Exploits – just another example

  5. Corelan.be BOF - 0x05 | Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics

  6. Corelan.be BOF - 0x06 | Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development

  7. Corelan.be BOF - 0x07 | Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR

  8. Corelan.be BOF - 0x08 | Exploit writing tutorial part 7 : Unicode – from 0x00410041 to calc

FuzzySecurity Windows Exploit Development Tutorial Series

Another awesome resource about exploit development.

  1. Part 1: Introduction to Exploit Development
  2. Part 2: Saved Return Pointer Overflows
  3. Part 3: Structured Exception Handler (SEH)
  4. Part 4: Egg Hunters
  5. Part 5: Unicode 0x00410041
  6. Part 6: Writing W32 shellcode
  7. Part 7: Return Oriented Programming
  8. Part 8: Spraying the Heap [Chapter 1: Vanilla EIP]
  9. Part 9: Spraying the Heap [Chapter 2: Use-After-Free]
  10. Part 10: Kernel Exploitation -> Stack Overflow
  11. Part 11: Kernel Exploitation -> Write-What-Where
  12. Part 12: Kernel Exploitation -> Null Pointer Dereference
  13. Part 13: Kernel Exploitation -> Uninitialized Stack Variable
  14. Part 14: Kernel Exploitation -> Integer Overflow
  15. Part 15: Kernel Exploitation -> UAF
  16. Part 16: Kernel Exploitation -> Pool Overflow
  17. Part 17: Kernel Exploitation -> GDI Bitmap Abuse (Win7-10 32/64bit)
  18. Part 18: Kernel Exploitation -> RS2 Bitmap Necromancy
  19. Part 19: Kernel Exploitation -> Logic bugs in Razer rzpnk.sys

Fuzzing

TODO later

AV Bypass

TODO later https://captmeelo.com/exploitdev/osceprep/2018/07/16/backdoor101-part1.html https://captmeelo.com/exploitdev/osceprep/2018/07/21/backdoor101-part2.html