A curated list of awesome Windows Exploitation resources, and shiny things.
There is no pre-established order of items in each category, the order is for contribution. If you want to contribute, please read the guide.
- Windows stack overflows
- Windows heap overflows
- Kernel based Windows overflows
- Return Oriented Programming
- Windows memory protections
- Bypassing filter and protections
- Typical windows exploits
- Exploit development tutorial series
- Tools
- angr - Platform-agnostic binary analysis framework developed at UCSB's Seclab.
- BARF - Multiplatform, open source Binary Analysis and Reverse engineering Framework.
- binnavi - Binary analysis IDE for reverse engineering based on graph visualization.
- Bokken - GUI for Pyew and Radare.
- Capstone - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
- codebro - Web based code browser using clang to provide basic code analysis.
- dnSpy - .NET assembly editor, decompiler and debugger.
- Evan's Debugger (EDB) - A modular debugger with a Qt GUI.
- GDB - The GNU debugger.
- GEF - GDB Enhanced Features, for exploiters and reverse engineers.
- hackers-grep - A utility to search for strings in PE executables including imports, exports, and debug symbols.
- IDA Pro - Windows disassembler and debugger, with a free evaluation version.
- Immunity Debugger - Debugger for malware analysis and more, with a Python API.
- ltrace - Dynamic analysis for Linux executables.
- objdump - Part of GNU binutils, for static analysis of Linux binaries.
- OllyDbg - An assembly-level debugger for Windows executables.
- PANDA - Platform for Architecture-Neutral Dynamic Analysis
- PEDA - Python Exploit Development Assistance for GDB, an enhanced display with added commands.
- pestudio - Perform static analysis of Windows executables.
- Process Monitor - Advanced monitoring tool for Windows programs.
- Pyew - Python tool for malware analysis.
- Radare2 - Reverse engineering framework, with debugger support.
- SMRT - Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analyis.
- strace - Dynamic analysis for Linux executables.
- Udis86 - Disassembler library and tool for x86 and x86_64.
- Vivisect - Python tool for malware analysis.
- X64dbg - An open-source x64/x32 debugger for windows.