class101
17-12-05, 17:38
This thread is dedicated to the self-starters wishing, like me, to learn much about computer security without losing 1h in class to have your gay diploma as CISSP, which anyway won't teach you to do all this. Basically a CISSP uses our programs to pentest, and so on, and is a script kiddie.
Here are all the various papers I have used to learn exploitation; it requires a good understanding of the C language and basic asm knowledge. For learning C without losing your time in class, I recommend you take any open source program and start modding it. I took the old sfind, very nice code which introduces you to threads, remote access, etc.; below 1.0 I had modded it, and up to 1.0 I have rewritten it entirely. About the assembly, you will understand it much better with all the time spent on exploiting.
Now some mirrors of various papers; it is interesting to have all of them in one place, so here they are:
[PDF] (http://heapoverflow.com/pap3rs/bh-asia-03-litchfield.pdf) David Litchfield (ngssoftware)
[PDF] (http://heapoverflow.com/pap3rs/bh-fed-03-litchfield.pdf) David Litchfield (ngssoftware)
[PDF] (http://heapoverflow.com/pap3rs/bh-us-03-litchfield-paper.pdf) David Litchfield (ngssoftware)
[PDF] (http://heapoverflow.com/pap3rs/bh-us-04-moore.pdf) Brett Moore (security-assessment)
[PPT] (http://heapoverflow.com/pap3rs/csw04-Oded+Connover.ppt) Matthew Conover (symantec)
[PDF] (http://heapoverflow.com/pap3rs/defeating-w2k3-stack-protection.pdf) David Litchfield (ngssoftware)
[PDF] (http://heapoverflow.com/pap3rs/defeating-xpsp2-heap-protection.pdf) Alexander Anisimov (ptsecurity)
[PPT] (http://heapoverflow.com/pap3rs/halvarflake-winsec02.ppt) Halvar Flake (sabre-security)
[PDF] (http://heapoverflow.com/pap3rs/IntelCodeTable.pdf) Roger Jegerlehner (intel)
[ZIP] (http://heapoverflow.com/pap3rs/sh0k.zip) Matthew Conover (symantec)
[PDF] (http://heapoverflow.com/pap3rs/StackguardPaper.pdf) Gerardo Richarte (corest)
[PDF] (http://heapoverflow.com/pap3rs/instantanea.pdf) Nicolas Waisman (immunity)
[TXT] (http://heapoverflow.com/pap3rs/smashstack.txt) Aleph One (underground)
[TXT] (http://heapoverflow.com/pap3rs/bof-forkidz.txt) teleh0r (doglover)
[TXT] (http://heapoverflow.com/pap3rs/buffer_overflows_for_newbies.txt) Mixter (mixtersecurity)
[TXT] (http://heapoverflow.com/pap3rs/howtowritebuffers.txt) mudge (l0pht)
[TXT] (http://heapoverflow.com/pap3rs/win32_bo_walkthrough.txt) sk (groundzero)
[TXT] (http://heapoverflow.com/pap3rs/advanced_buffer_overflows.txt) Taeho Oh (postech)
[PDF] (http://heapoverflow.com/pap3rs/apioverflow.pdf) Foon (tombom)
[TXT] (http://heapoverflow.com/pap3rs/BufferOverflowsXP.txt) Peter Winter-Smith (ngssoftware)
[PDF] (http://heapoverflow.com/pap3rs/core_advanced_overflows.pdf) CoreSecurity
[PDF] (http://heapoverflow.com/pap3rs/exploit_code_development.pdf) Solar Eclipse (phreedom)
[PDF] (http://heapoverflow.com/pap3rs/non-stack-bo-windows.pdf) David Litchfield (ngssoftware)
[PDF] (http://heapoverflow.com/pap3rs/Practical_SEH_exploitation.pdf) Johnny Cyperpunk (thc)
[PDF] (http://heapoverflow.com/pap3rs/advantages_of_block_based_analysis.pdf) Dave Aitel (immunity)
[PDF] (http://heapoverflow.com/pap3rs/bh-win-04-litchfield.pdf) David Litchfield (ngssoftware)
[TXT] (http://heapoverflow.com/pap3rs/heap1.txt) Anonymous
[TXT] (http://heapoverflow.com/pap3rs/heap-tute.txt) Anonymous
[PDF] (http://heapoverflow.com/pap3rs/msrpcheap.pdf) Dave Aitel (immunity)
[PDF] (http://heapoverflow.com/pap3rs/msrpcheap2.pdf) Dave Aitel (immunity)
[PDF] (http://heapoverflow.com/pap3rs/msrpcheap.pdf) Dave Aitel (immunity)
[PDF] (http://heapoverflow.com/pap3rs/Phenoelit20c3.pdf) FX (Phenoelit)
[PDF] (http://heapoverflow.com/pap3rs/thecross.pdf) Greg Hoglund (hbgary)
[PDF] (http://heapoverflow.com/pap3rs/aix-heap.pdf) David Litchfield (ngssoftware)
Check the thread sometimes; I will maybe add some more I missed later.