Jump to content


2
[Req]

Exploit dev/Black hat trainings



7 replies to this topic

#1 crackerjoe69

crackerjoe69

    Geek

  • Senior Super Moderators
  • 4,573 posts
  • 27719 thanks

Posted 25 May 2019 - 07:17 AM

Anyone have some exploit dev courses they don't mind sharing? (PM ME). Also interested in any black hat training. Feel free to PM me to discuss more.
Do not post useless "Thank You"s in the share subforums @ http://certcollection.org/forum/forum/1-training-offers-requests/.

Use the "Thanks" button to see the hidden contents in the share section as shown in the announcements

http://certcollection.org/forum/topic/99091-new-feature-added/

WARNING: Strict action will be taken against members posting Thank yous(tnx, great, gr8, 10x, +1), unnecessary quotes, posts with gibberish words and smileys without any comments. 1st Warning will lead to 4hrs disabled posting , 2nd will lead to 12 hrs, 3rd & 4th might lead to 1, 3 or 7 days of disabled posting . Please note further, that ignoring this hint will lead into more restrictive actions.

Thanked by 1 Member:
sectest1234

#2 revsec

revsec

    Junior Member

  • Members
  • PipPip
  • 7 posts
  • 9097 thanks

Posted 27 May 2019 - 02:50 PM

for linux exploit dev i use this material(and its quite enough for me)

https://github.com/nnamon/linux-exploitation-course
https://github.com/hardenedlinux/linux-exploit-development-tutorial (chineese version)
https://we.tl/t-BHAEsCH6wH (english version)
for rop https://ropemporium.com/index.html (in youtube there videos how to solve all challenges)
SEC760.2 - Advanced Linux Exploitation which its already shared in CC.


i hope its help someone.

PS:most exploit dev training are challenges with wikipedia concept explanations .

Edited by revsec, 30 May 2019 - 04:23 PM.


Thanked by 3 Members:
sid231196 , junkrat , BaconMan

#3 xytraguptor

xytraguptor

    Newbie

  • Members
  • Pip
  • 0 posts
  • 50 thanks

Posted 28 May 2019 - 04:31 PM

Thanks!

Could you please share alternative link to https://we.tl/t-BHAEsCH6wH(english version) ?

#4 revsec

revsec

    Junior Member

  • Members
  • PipPip
  • 7 posts
  • 9097 thanks

Posted 28 May 2019 - 04:46 PM

here you go for alternative link

Hidden Content
You'll be able to see the hidden content once you press the thanks button.

Use hide tags.
Usage: [ hide ] link [ /hide ] (without spaces)

Edited by mavis, 29 May 2019 - 07:13 AM.
Hide tag added.


Thanked by 123 Members:

#5 r00tb3

r00tb3

    Newbie

  • Members
  • Pip
  • 0 posts
  • 154 thanks

Posted 30 May 2019 - 04:41 AM

I have the following links bookmarked.

MOOC's:--


https://exploit.education/
https://liveoverflow.com/binary_hacking/index.html
http://security.cs.rpi.edu/courses/binexp-spring2015/
https://github.com/RPISEC/MBE#modern-binary-exploitation---csci-4968
https://r0hi7.github.io/BinExp/
https://github.com/r0hi7/BinExp#binary-exploitation
https://exploit.courses/#/challenges
https://github.com/dobin/yookiterm-slides/blob/master/resources.md#resources
https://samsclass.info/127/127_S17.shtml
https://www.youtube.com/playlist?list=PL7gCgFw1RV1N9Lqfyp-eIgKSb1KTp1ifm
http://www.archive.ece.cmu.edu/~ece732/s18/schedule.html
https://www.youtube.com/playlist?list=PLMGUdaTHpFQLmSAk5_cTM8Y502hhVpeNf
https://it-sec-catalog.info/

https://github.com/bcdannyboy/Research/blob/master/JIT-SprayedROP.pdf

LINUX:--

https://blog.holbertonschool.com/hack-the-virtual-memory-c-strings-proc/
https://github.com/raminfp/Understanding_Linux_Kernel_Vulnerability#understanding_linux_kernel_vulnerability
https://bitvijays.github.io/LFC-BinaryExploitation.html
https://ctf101.org/binary-exploitation/overview/
https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
https://github.com/nnamon/linux-exploitation-course#linux-exploitation-course
https://github.com/scwuaptx/HITCON-Training#hitcon-training
https://translate.googleusercontent.com/translate_c?act=url&depth=1&hl=en&ie=UTF8&prev=_t&rurl=translate.google.com&sl=zh-CN&sp=nmt4&tl=en&u=https://github.com/hardenedlinux/linux-exploit-development-tutorial&usg=ALkJrhh8wzWCE5R17IhQ9G2fmt8REm-Czw#linux-exploit-%E5%BC%80%E5%8F%91%E5%85%A5%E9%97%A8
https://github.com/VulnReproduction/LinuxFlaw#linuxflaw
https://github.com/xairy/linux-kernel-exploitation#linux-kernel-exploitation
https://github.com/xairy/kernel-exploits#kernel-exploits

Thanked by 2 Members:
junkrat , revsec

#6 revsec

revsec

    Junior Member

  • Members
  • PipPip
  • 7 posts
  • 9097 thanks

Posted 01 June 2019 - 03:01 AM

i add this  link for different binary fuzzing technics
THE ART OF FUZZING – SLIDES AND DEMOS
https://sec-consult.com/en/blog/2017/11/the-art-of-fuzzing-slides-and-demos/


Thanked by 2 Members:
dfirzach90 , junkrat

#7 kasidisaueb

kasidisaueb

    Junior Member

  • Members
  • PipPip
  • 5 posts
  • 642 thanks

Posted 07 June 2019 - 10:25 PM

We can at least create a list of good free resources.

If anyone has additional links, please feel free to add them....

Consolidating everything into one list below.

http://www.pentest.guru/index.php/2016/01/28/best-books-tutorials-and-courses-to-learn-about-exploit-development/  
https://www.peerlyst.com/posts/the-best-resources-for-learning-exploit-development  
http://opensecuritytraining.info/Exploits1.html
http://ropshell.com/peda/Linux_Interactive_Exploit_Development_with_GDB_and_PEDA_Slides.pdf  
https://0x00sec.org/t/getting-cozy-with-exploit-development/5311
https://captmeelo.com/category/exploitdev  
https://bogner.sh/2016/04/the-hard-life-of-exploit-developers/
https://exploit.courses/#/challenge/2
http://opensecuritytraining.info/Exploits2.html  
http://docs.alexomar.com/biblioteca/Modern%20Windows%20Exploit%20Development.pdf
http://security.cs.rpi.edu/courses/binexp-spring2015/
https://www.shogunlab.com/blog/  
https://github.com/demi6od/Smashing_The_Browser  
https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
https://github.com/nnamon/linux-exploitation-course
https://www.youtube.com/watch?v=dXxR7UrGw2M&list=PL4IYmIzx8VOwAV9jVntLs11rxPQu8Hpnb
https://www.owasp.org/images/4/4c/Introduction_to_shellcode_development.pdf
https://goblinsecurity.blogspot.com/2017/05/slae-assignment-3-egghunter-shellcode.html  
https://0x00sec.org/t/remote-exploit-shellcode-without-sockets/1440  
https://www.blackhat.com/presentations/bh-asia-03/bh-asia-03-chong.pdf
https://blog.techorganic.com/2018/02/23/dc416-introduction-to-64-bit-linux-exploit-development-vuln03-solution/
https://github.com/hardenedlinux/linux-exploit-development-tutorial
https://github.com/secfigo/Awesome-Fuzzing
https://github.com/SkyBulk/exploit-development
https://github.com/dyjakan/exploit-development-case-studies
https://we.tl/t-BHAEsCH6wH
https://ropemporium.com/index.html (in youtube there videos how to solve all challenges)
https://www.peerlyst.com/posts/resource-exploit-development-tutorials-and-guides-chiheb-chebb
https://sec-consult.com/en/blog/2017/11/the-art-of-fuzzing-slides-and-demos/  
http://archive.hack.lu/2018/Slides_Fuzzing_Workshop_Hack.lu_v1.0.pdf
http://blog.k3170makan.com/2018/05/windows-exploit-development-primer.html
http://blog.k3170makan.com/2018/05/windows-exploit-development-primer-ii.html
http://blog.k3170makan.com/2018/06/windows-exploit-development-exploiting.html  
https://www.immunityinc.com/downloads/win64_confidence2010.pdf
https://bytesoverbombs.io/exploiting-a-64-bit-buffer-overflow-469e8b500f10
https://blog.knapsy.com/blog/2018/08/05/filevault-ctf-challenge-elf-x64-buffer-overflow/


-------------

MOOC

https://exploit.education/
https://liveoverflow.com/binary_hacking/index.html
http://security.cs.rpi.edu/courses/binexp-spring2015/
https://github.com/RPISEC/MBE#modern-binary-exploitation---csci-4968
https://r0hi7.github.io/BinExp/
https://github.com/r0hi7/BinExp#binary-exploitation
https://exploit.courses/#/challenges
https://github.com/dobin/yookiterm-slides/blob/master/resources.md#resources
https://samsclass.info/127/127_S17.shtml
https://samsclass.info/127/proj/ED309.htm  
https://www.youtube.com/playlist?list=PL7gCgFw1RV1N9Lqfyp-eIgKSb1KTp1ifm
http://www.archive.ece.cmu.edu/~ece732/s18/schedule.html
https://www.youtube.com/playlist?list=PLMGUdaTHpFQLmSAk5_cTM8Y502hhVpeNf
https://it-sec-catalog.info/

https://github.com/bcdannyboy/Research/blob/master/JIT-SprayedROP.pdf

LINUX:--

https://blog.holbertonschool.com/hack-the-virtual-memory-c-strings-proc/
https://github.com/raminfp/Understanding_Linux_Kernel_Vulnerability#understanding_linux_kernel_vulnerability
https://bitvijays.github.io/LFC-BinaryExploitation.html
https://ctf101.org/binary-exploitation/overview/
https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
https://github.com/nnamon/linux-exploitation-course#linux-exploitation-course
https://github.com/scwuaptx/HITCON-Training#hitcon-training
https://translate.googleusercontent.com/translate_c?act=url&depth=1&hl=en&ie=UTF8&prev=_t&rurl=translate.google.com&sl=zh-CN&sp=nmt4&tl=en&u=https://github.com/hardenedlinux/linux-exploit-development-tutorial&usg=ALkJrhh8wzWCE5R17IhQ9G2fmt8REm-Czw#linux-exploit-%E5%BC%80%E5%8F%91%E5%85%A5%E9%97%A8
https://github.com/VulnReproduction/LinuxFlaw#linuxflaw
https://github.com/xairy/linux-kernel-exploitation#linux-kernel-exploitation
https://github.com/xairy/kernel-exploits#kernel-exploits
https://www.exploit-db.com/papers/24085  
-------------  

https://paper.seebug.org/195/  
https://crypto.stanford.edu/~blynn/rop/

Edited by kasidisaueb, 07 June 2019 - 10:31 PM.


Thanked by 1 Member:
junkrat

#8 pUnck

pUnck

    Newbie

  • Members
  • Pip
  • 0 posts
  • 564 thanks

Posted 08 June 2019 - 06:20 AM

http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
https://samsclass.info/127/127_F15.shtml
https://www.cybrary.it/video/exploit-development-introduction-part-1/
http://theamazingking.com/exploit.php
https://veteransec.com/category/exploit-development/
https://github.com/FabioBaroni/awesome-exploit-development
https://github.com/sergey-pronin/Awesome-Vulnerability-Research
https://github.com/samyk/Awesome-Hacking-Resources
https://github.com/The-Art-of-Hacking/h4cker
https://0x00sec.org/t/material-for-learning-exploit-development/1727
https://www.shogunlab.com/blog/2017/08/19/zdzg-windows-exploit-1.html
https://www.shogunlab.com/blog/2017/08/26/zdzg-windows-exploit-2.html
https://www.shogunlab.com/blog/2017/09/02/zdzg-windows-exploit-3.html
https://www.shogunlab.com/blog/2017/11/06/zdzg-windows-exploit-4.html
https://www.shogunlab.com/blog/2018/02/11/zdzg-windows-exploit-5.html
https://www.abatchy.com/2018/01/kernel-exploitation-1
https://hackmd.io/s/V1GLSF0R

Thanked by 1 Member:
junkrat



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Organization

Community

Downloads

Test Providers

Site Info


Go to top