# CySecBooks

## Repo Content

- A Guide to Kernel Exploitation Attacking the Core
- Computer Networking A Top-Down Approach
- Fuzzing Brute Force Vulnerability Discovery
- Gray Hat Python - Python Programming for Hackers and Reverse Engineers (2009)
- Hacking - The Art of Exploitation, 2nd Ed.
- Metasploit, Penetration Testers Guide
- Modern Operating Systems, 3rd Ed.
- Reversing - Secrets Of Reverse Engineering (2005)
- The Art of Assembly Language, 2nd Ed.
- The Mac Hacker's Handbook
- The IDA Pro Book, 2nd Ed. (2011)
- The ShellCoder's Handbook - Discovering and Exploiting Security Holes, 2nd Ed.
- Gray Hat Hacking, 3rd Ed.
- nasmdoc

## Where to start

Long story short: pick a system, pick an area of interest, and go wild.

For exploitation techniques in general (UNIX and Linux focused):

1. Start with Hacking - The Art of Exploitation: Chapter 2 (0x200 Programming), beginning from section 5 (0x250 Getting your Hands Dirty), then Chapter 3 (0x300 Exploitation) and Chapter 5 (0x500 Shellcode).
2. Move to A Guide to Kernel Exploitation Attacking the Core and read Part 1, A Journey to Kernel Land.
3. Do CTF practice exercises concerning privilege escalation and memory corruption (this is not really a third step; just do them while you read).

## Resources

### CTF Specific Resources

#### Training Sites

- [Exploit-Exercises](http://exploit-exercises.com)
- [Smash The Stack](http://smashthestack.org/)
- [Over The Wire](http://overthewire.org/)
- [Root Me : Hacking and Information Security learning platform](http://www.root-me.org/)
- [Binary Auditing](http://www.binary-auditing.com/)

### Internet Resources

- [Salted Password Hashing - Doing it Right](https://crackstation.net/hashing-security.htm)
- [Mac Developer Library - Memory Management Programming Guide for Core Foundation - Byte Ordering](https://developer.apple.com/library/mac/documentation/corefoundation/Conceptual/CFMemoryMgmt/Concepts/ByteOrdering.html)
- [Rogunix Docs](http://www.rogunix.com/docs/)
- [CTF Field Guide](https://trailofbits.github.io/ctf/index.html)
- [Aleph One's Smashing the Stack for Fun and Profit](http://insecure.org/stf/smashstack.html)
- [Pentestmonkey’s Blog](http://www.pentestmonkey.net/)
- [Metasploit Unleashed](http://www.offensive-security.com/metasploit-unleashed/Main_Page)
- [g0tmi1k – Basic Linux Privilege Escalation Reference](http://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation.html)
- [Corelan Team | Exploit writing tutorial part 1 : Stack Based Overflows](http://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/)
- [Corelan Team | Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode](https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/)
- [Corelan Team | Exploit writing tutorial part 3 : SEH Based Exploits](https://www.corelan.be/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/)
- [Corelan Team | Exploit writing tutorial part 3b : SEH Based Exploits – just another example](https://www.corelan.be/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/)
- [Corelan Team | Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR](https://www.corelan.be/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/)
- [Corelan Team | Exploit writing tutorial part 8 : Win32 Egg Hunting](https://www.corelan.be/index.php/2010/01/09/exploit-writing-tutorial-part-8-win32-egg-hunting/)
- [Safely Searching Process Virtual Address Space by skape](http://www.hick.org/code/skape/papers/egghunt-shellcode.pdf)
- [Smashing The Modern Stack For Fun And Profit By Craig J. Heffner](http://hamsa.cs.northwestern.edu/media/readings/modern_stack_smashing.pdf)
- [SEED Labs – Buffer Overflow Vulnerability Lab](http://www.cis.syr.edu/~wedu/seed/Labs_12.04/Vulnerability/Buffer_Overflow/Buffer_Overflow.pdf)
- [Using SHORT (Two-byte) Relative Jump Instructions](http://thestarman.pcministry.com/asm/2bytejumps.htm)
- [SLAE Assignment 5: Analyzing msfpayload shellcode](http://cloud101.eu/blog/2013/05/05/slae-assignment-5-analyzing-msfpayload-shellcode/)
- [x64 Architecture Register Reference](http://msdn.microsoft.com/en-us/library/windows/hardware/ff561499(v=vs.85).aspx)
- [Using Backtrack to spot and fix bad characters in custom buffer-overflow development](http://insidetrust.blogspot.com.au/2011/02/using-backtrack-to-spot-bad-characters.html)
- [The Other Kind of Patch](https://isisblogs.poly.edu/2014/04/02/the-other-kind-of-patch/)

### Book Resources

- Modern Cryptanalysis: Techniques for Advanced Code Breaking [ISBN: 978-0-470-13593-8]
- Modern Operating Systems, 4th Ed. [ISBN: 0-13-359162-X]
- /r/netsec
- /r/ReverseEngineering
- /r/securityctf
- /r/OpenToAllCTFteam
- /r/netsec2
- /r/netsec_uncensored
- /r/netsec/students
- /r/pwned
- /r/computerforensic
- /r/computerforensics

## References

Some (most) resources taken from: [NSIMATTSTILES](http://nsimattstiles.wordpress.com/resources/)