Empezamos la semana con un recopilatorio de enlaces para aprender/repasar ingenier铆a inversa de Jackson Thuraisamy de Security Compass. B谩sicamente es una serie de recursos que su autor fue recopilando mientras estuvo aprendiendo a encontrar vulnerabilidades de corrupci贸n de memoria en Windows. El resultado es una lista bastante actualizada y variada con v铆deos, art铆culos, tutoriales, writeups, etc., que siempre conviene tener a mano para revisar. Aqu铆 os la dejo:
- LiveOverflow Binary Hacking馃専馃挰
- OpenSecurityTraining.info: Introductory Intel x86馃専
- OpenSecurityTraining.info: Introduction to Reverse Engineering Software
- RPISEC: Modern Binary Exploitation馃専
- OpenSecurityTraining.info: The Life of Binaries
- OpenSecurityTraining.info: Reverse Engineering Malware
- RPISEC: Malware Analysis
- The C Programming Language (K&R)
- The GNU C Reference Manual
- Learn C the Hard Way
- Learn C in Y Minutes
- Practical Reverse Engineering馃専馃挰
- Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software馃専馃挰
- Assembly Language Step-by-Step: Programming with Linux
- Wikibooks: x86 Disassembly
- A Bug Hunter's Diary馃専馃挰
- Reversing: Secrets of Reverse Engineering馃専馃挰
- The Shellcoder's Handbook: Discovering and Exploiting Security Holes
- Windows Internals馃専
- Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats
- Basic Dynamic Analysis with IDA Pro and WinDbg馃挰
- A Link to the Past: Abusing Symbolic Links on Windows
- Windows Kernel Graphics Driver Attack Surface
- bee13oy: Attacking Antivirus Software's Kernel Driver馃挰
- Direct X: Direct Way to Microsoft Windows Kernel
- A Window Into Ring 0
- Windows Drivers Attack Surface
- Malware Unicorn: Reverse Engineering Malware 101馃専
- HumbleSec: Assembly to Pseudocode Manually馃挰
- Mozilla: A Crash Course in Memory Management
- Corelan Team Exploit Writing
- Hacking the PS4: Userland ROP馃挰
- What is a "good" memory corruption vulnerability?馃専
- Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622
- The Stack Clash (Qualys Security Advisory)
- Windows Kernel Exploitation Part 3: Arb. Overwrite, NULL Ptr, Type Confusion And Int. Overflow Examples
- Windows Kernel Exploitation Part 4: Introduction to Windows Kernel Pool Exploitation
- hasherezade: Starting with Windows Kernel Exploitation
- Windows Kernel Exploitation Part 0: Kernel Debugging
- Windows Kernel Exploitation Part 1: Getting Started With The HackSysTeam Extremely Vulnerable Driver
- Windows Kernel Exploitation Part 2: My First Kernel Exploit
- A Brief Introduction To Using Z3 With Python
- FuzzySecurity Tutorials馃専馃挰
- phoenhex team write-ups馃専馃挰
- Project Zero Issue Tracker馃専馃挰
- Flare-On Challenge Solutions: 2015
- Flare-On Challenge Solutions: 2016
- Exploiting a Firefox UAF with Shared Array Buffers
- Analysis and Exploitation of an ESET Vulnerability
- Attacking the Windows NVIDIA Driver
- Smashing Flare-On #2 with Concolic Testing
- Windows Kernel Resources馃挰
- Dennis Yurichev's Reversing Challenges
- Exploit Exercises馃専
- Flare-On Challenges
- Compiler Explorer馃専馃挰
- HackSys Extreme Vulnerable Windows Driver
- Trail of Bits: manticore
- Trail of Bits: mcsema馃挰
- QuarksLab: Triton
- UCSB: Angr
- CMU: Pharos
- CEA: miasm
- CEA: qira
Gracias por compartir tal informaci贸n.
ResponderEliminargracias por compartirlo,estaba buscando algo asi
ResponderEliminarBueno... Pues voy a intentar fum谩rmelo todo como si de una Carrera se tratase.
ResponderEliminarA ver hasta d贸nde llego.
Hola...perd贸n por revivir este art铆culo del 2017, pero creo que falta algo... Os hab茅is dejado fuera al gran Ricardo Narvaja y sus cursos, tanto de reversing,como de exploits y demas... Y la lista de crackslatinos...!!!!
ResponderEliminar