Exploit Development

This section contains articles exploring the theory, concepts, and defensive implications of modern software exploitation techniques across multiple architectures and operating systems. Each article breaks down how particular vulnerability classes work, and how an adversary would typically abuse them.

• SigReturn ROP
  Using sigreturn() to execute code.
• x64 GOT Pointer Leakage
  Leaking pointers from the Global Offset Table.
• Source Code Auditing
  Performing static analysis of Python & Java code.
• Directory Junctions
  Exploiting Directory Junctions for local privilege escalation.
• Integer Security
  Common security issues with integer variables.
• Linux x64 Reverse Shellcode
  Reverse shells in x64 assembly.
• Position Independent Executables
  Exploiting PIE enabled executables.
• Execve Shellcode
  Executing the execve syscall on x64 Linux using Shellcode.
• ARM64 ROP Chaining
  Performing a Return-to-libc attack on ARM64 systems.
• x64 MPROTECT ROP
  Calling mprotect on x64 Linux.
• MIPS32 Buffer Overflows
  Exploiting memory corruption vulnerabilities on MIPS32 systems.
• LD_PRELOAD Exploitation
  Using LD_PRELOAD for dynamic function hooking and privilege escalation.
• Cyber Apocalypse 2023
  Cyber Apocalypse CTF 2023 challenge writeups.
• Windows x64 Reverse Shellcode
  Reverse shells in x64 assembly.
• Windows x64 Shellcode Development
  Writing Shellcode for Windows 11.
• Fuzzing Network Protocols
  Fuzzing Network Protocols with the BooFuzz Python library.
• Fuzzing with AFL++
  File format fuzzing with American Fuzzy Lop++.
• Reverse Engineering Network Protocols
  Analysing Network Protocols to identify vulnerabilities.
• Use After Free Vulnerabilities
  Exploiting use-after-free vulnerabilities.
• Heap Exploitation: The House of Force
  Tampering with the top chunk size field for an arbitrary write primitive.
• Ubuntu 20.04 Heap Exploitation
  Exploiting heap corruption on Ubuntu 20.04.
• Heap Thread Cache Exploitation
  Exploiting heap thread caching on glibc 2.26.
• Heap Fastbin Exploitation
  Double free exploitation of glibc heap fastbins.
• Dealing with Small Buffer Space
  Using relative JMP instructions to escape small buffers.
• 64-Bit Return-to-libc Attacks
  Bypassing NX on 64-bit Linux.
• Bypassing DEP & ASLR in Linux
  Bypassing DEP & ASLR using pointer leakage and return orientated programming.
• Format String Exploitation
  A quick tutorial on exploiting format string vulnerabilities to read and write memory.