Reverse Engineering and Exploitation.
Check out my blog, follow me on Twitter and Youtube!
- Reverse engineering a simple crackme called βJust seeβ: writeup
- Reverse engineering a level 1 crackme "Easy_firstCrackme-by-D4RK_FL0W": writeup
- Utility - Object/Executable file to shellcode converter script: code
- Utility - Assembly and link script : code
- Utility - Shellcode testing skeleton generator : code
- Utility - GDB python script template : code
- Exit syscall asm: code
- Write syscall "Hello world!": code
- Execve shellcode (dynamic addressing) code
- Ret2libc exploit for protostar stack6 challenge : code
- Exploit for protostar stack7 challenge (Smallest ROP chain): code
- Exploit for VUPlayer 2.49 (no DEP) local buffer overflow: code, writeup
- Execve shellcode (stack method) : code
- Execve shellcode using RIP relative addressing code
- Password Protected Bind Shell (Linux/x64) code, writeup
- Password Protected Reverse Shell (Linux/x64) code, writeup, Featured in the 1st number of Paged-Out
- XANAX - A custom shellcode encoder written in assembly :
- A more generic (and somewhat extensible) encoder skeleton written in Go code
- Gocryper : A custom AES shellcode crypter written in Go code, writeup
- A basic Polimorphic Engine written in Go code, writeup
- Egg-hunter shellcode (Linux/x64) code, writeup
- Password Protected Reverse Shell (Linux/ARMv6)
- MalwareTech's String Challenges crackmes: writeup
- MalwareTech's Shellcode Challenges crackmes: writeup
- DEFCON Qualys 2019 : Speedrun-001 exploit (Stack-based bof + ROP): code
- Solution for the crackme "Crackme2-be-D4RK_FL0W" writeup
- Solution for the crackme "Crack3-by-D4RK_FL0W" :
- Utility - r2frida Cheatsheet: writeup
A non-exhaustive list of tools
- radare2 (+Cutter +r2frida +r2pipe +r2ghidra-dec)
- Ghidra
- x64dbg
- Frida
- gdb (+gdb-dashboard +GEF)
- Valgrind
- Pwntools
- Wireshark
- Binwalk
- strace
- ltrace
- hexdump
- xxd
- rappel
- nasm
- gas
- Unicorn Engine
- IDA
- hexedit
- bless
- Metasploit (https://www.metasploit.com/)
There's a LOT of stuff out there. These are just the most useful things I've found so far.
- π» Live overflow
- π The shellcoder's handbook
- π» Exploit education
- π» Gynvael coldwind
- π» Azeria labs
- π» Phrack
- π» Corelan
- π» Fuzzysecurity
- π» Packetstormsecurity
- π» Exploitdb
- π Beginners RE
- π Practical reverse engineering
- π Programming linux anti-reversing techniques
- π Attacking network protocols
- π Penetration testing: A Hands-On introduction to hacking
- π» Malware Unicorn
- π Radare2 Book
- π» Paged-Out!
- π PoC||GTFO I
- π PoC||GTFO II
- π The IDA Pro Book
- π Hacker Disassembling Uncovered
- π» Reverse Engineering Stackexchange