References
Tutorials, Challenges, and Walkthroughs
- Debugging Fundamentals for Exploit Development
- Smashing the Stack in 2010 by Andrea Cugliari and Mariano Graziano
- Advanced Windows Buffer Overflows (AWBOs)
- Guide to the AWBOs
- Gera's Insecure Programming by Example
- Peter Van Eeckhoutte's Exploit Writing Tutorials
- Ken Ward Zipper Stack BOF 0day
- MS08-067 - Sourcefire Vulnerability Research Team Report
- FoxIt Reader Stack Overflow Exploit: Egghunter Edition
- From 0x90 to 0x4c454554
- SEH Based Overflow Exploit Tutorial
Shellcode
- A collection of win32 shellcode
- Windows System Call Table
- Win32 Assembly Components by LSD
- UNIX Assembly Codes Development for Vulnerabilities Illustration Purposes by LSD
Exploitation Techniques
- Return-Oriented Programming: Exploits Without Code Injection
- A gentle introduction to return-oriented programming
- Pwn2Own 2010 Windows 7 Internet Explorer 8 Exploit
- Exploitation with WriteProcessMemory
- ASLR Smack & Laugh Reference
- Linux GLibC Stack Canary Values
- Exploitation Techniques from IT Sec Catalog
- The narly WinDBG extension by d0c s4vage
- The viscope WinDBG extension by Jeon Wook Oh
Mitigations
- Using Hardening Options - Debian Wiki
- Ubuntu Security Features by release
- Assessing the Tux Strength: Part 1 - Userspace Memory Protections
- Assessing the Tux Strength: Part 2 - Into the Kernel
- Windows ISV Software Security Defenses
- Chapter 1 of the Mac Hacker's Handbook (see pages 21-29)
Metasploit
- Offensive Security's Metasploit Unleashed open course, particularly Porting Exploits (essential)
- Metasploit Wiki: Exploit Module Dev (essential)
If you passed this section with ease and understand most of the reading material above, you might want to try taking Immunity's Network Offense Professional certification. Good luck!