- Justin Steven - dostackbufferoverflowgood
- The Cyber Mentor - Buffer Overflows Made Easy
- Brainpan: 1 - superkojiman
- https://kalitut.com/exploit-development-resources/
- https://github.com/johnjhacking/Buffer-Overflow-Guide
- https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
- https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/
- https://www.sans.org/reading-room/whitepapers/threats/buffer-overflows-dummies-481
- https://www.vortex.id.au/2017/05/pwkoscp-stack-buffer-overflow-practice/
- https://www-inst.eecs.berkeley.edu//~cs161/fa08/papers/stack_smashing.pdf
- https://samsclass.info/127/proj/lbuf1.htm
- https://github.com/D4mianWayne/PwnLand
- https://tc.gts3.org/cs6265/2019/tut/tut01-warmup1.html
- https://www.reddit.com/r/ExploitDev/comments/7zdrzc/exploit_development_learning_roadmap/
- https://github.com/ashemery/exploitation-course
- https://pwn.college/modules/intro
- https://www.hackingarticles.in/a-beginners-guide-to-buffer-overflow/
- https://breaking-bits.gitbook.io/breaking-bits/exploit-development/linux-kernel-exploit-development
- Penetration Testing: Stack based Buffer Overflow in Linux - pg. 361
- Penetration Testing: Stack based Buffer Overflow in Windows - pg. 379
- Penetration Testing: Structured Exception Handler Overwrites - pg. 401
- https://owasp.org/www-community/attacks/Buffer_overflow_attack
- https://owasp.org/www-community/attacks/Buffer_Overflow_via_Environment_Variables
- https://github.com/m0chan/h4cks/tree/master/Buffer%20Overflow%20Stuff
- Attacking Network Protocols: Memory Corruption Vulnerabilities - pg. 210
Stack
- pwn.college
- ROP Emporium
- Nightmare
- CTF-Wiki
- Ret2 Systems (paid)
- Ironstone
- PWN Practice (mine)
Heap
Kernel basics/dev
- Linux Device Drivers
- Linux Kernel Labs
- Understanding the Linux Kernel
- Linux Kernel Programming P1
- Linux Kernel Programming P2
Exploitation
- seal9055_Complete Introduction (mine)
- Official V8 Blog
- pwnbykenny V8 Objects
- Jayconrod V8 Objects
- Doar
- Saelo Phrack
- Faith
- MGP25
- Ret2
- Google Project Zero
- Embedded Intro Videos
- &>/dev/null
- Debugmen Enabot
- Embedded Bits
- SANS Whitepaper Router Hack
- Grimm
- Car Hacking Paper
- Flashback Team
- Printer Hacking Stream
- Hardware Hacking Handbook
- https://www.youtube.com/watch?v=1S0aBV-Waeo
- http://www.securitytube.net/groups?operation=view&groupId=5
- http://www.securitytube.net/groups?operation=view&groupId=4
- http://www.securitytube.net/groups?operation=view&groupId=7
- https://www.youtube.com/playlist?list=PLLKT__MCUeix3O0DPbmuaRuR_4Hxo4m3G
- https://www.exploit-db.com/exploits/636
- https://www.exploit-db.com/exploits/10434
- https://www.exploit-db.com/exploits/40673
- https://www.exploit-db.com/exploits/39480
- Frida - Inject arbitrary code into other applications!
- buffer-overflow - This tool is created in order to allow penetration testers / researchers to quickly test out simple buffer overflows, without having to write a line of code.
- peda - PEDA - Python Exploit Development Assistance for GDB
- pwntools - Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible.
- gef - A set of commands for x86/64, ARM, MIPS, PowerPC and SPARC to assist exploit developers and reverse-engineers when using old school GDB.
- pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
- bed - BED is a program which is designed to check daemons for potential buffer overflows, format strings et al.
- doona - Doona is a fork of the Bruteforce Exploit Detector Tool (BED).
- Immunity Debugger: https://www.immunityinc.com/products/debugger/
- Vulnserver: http://www.thegreycorner.com/p/vulnserver.html
- Bad Chars: https://www.ins1gn1a.com/identifying-bad-characters/
- https://github.com/fkie-cad/cwe_checker - cwe_checker finds vulnerable patterns in binary executables