/WinPwn

Windows Pwnable Study

Primary LanguagePython

WinPwn

My study logs on Windows pwnables, plus some hopefully helpful resources.

References

These are the list of useful references I've checked out while studying Windows pwnable, dumped from my bookmarks. Note that some resources might be (heavily) outdated or partially mis-categorized.

Intro

Shellcoding

Stack Exploits

SEH (Structured Exception Handler)

CFG (Control Flow Guard)

Heap Exploits

TIP: If you want to work on LFH with debuggers, set _NO_DEBUG_HEAP=1

Kernel

NTAPI, Syscalls, Undocumented etc.

CTF Chals

Tools

(Automated) Deployment