{"id":21400674,"url":"https://github.com/cybersecurityup/ecxd-preparation","last_synced_at":"2025-07-24T15:32:53.071Z","repository":{"id":110995658,"uuid":"388601555","full_name":"CyberSecurityUP/eCXD-Preparation","owner":"CyberSecurityUP","description":"eLearnSecurity Certified Exploit Development","archived":false,"fork":false,"pushed_at":"2021-07-25T21:37:44.000Z","size":651,"stargazers_count":103,"open_issues_count":0,"forks_count":35,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-03-16T15:56:50.270Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CyberSecurityUP.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-07-22T21:27:39.000Z","updated_at":"2025-02-16T23:37:17.000Z","dependencies_parsed_at":"2024-02-24T18:15:28.929Z","dependency_job_id":null,"html_url":"https://github.com/CyberSecurityUP/eCXD-Preparation","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/CyberSecurityUP/eCXD-Preparation","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FeCXD-Preparation","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FeCXD-Preparation/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FeCXD-Preparation/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FeCXD-Preparation/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CyberSecurityUP","download_url":"https://codeload.github.com/CyberSecurityUP/eCXD-Preparation/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FeCXD-Preparation/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266862606,"owners_count":23996866,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-24T02:00:09.469Z","response_time":99,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-22T15:23:33.128Z","updated_at":"2025-07-24T15:32:53.040Z","avatar_url":"https://github.com/CyberSecurityUP.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# eLearnSecurity Certified Exploit Development\n\n## What is Shellcode\n\n### https://pt.wikipedia.org/wiki/Shellcode\n\n### https://searchsecurity.techtarget.com/answer/What-is-the-relationship-between-shellcode-and-exploit-code\n\n### https://www.firewalls.com/blog/security-terms/shellcode/\n\n### https://www.yourdictionary.com/shellcode\n\n### https://translate.google.com/translate?hl=pt-BR\u0026sl=en\u0026u=https://www.easytechjunkie.com/what-is-a-shellcode.htm\u0026prev=search\u0026pto=aue\n\n### https://www.exploit-db.com/docs/english/13019-shell-code-for-beginners.pdf\n\n### https://www.pcmag.com/encyclopedia/term/shellcode\n\n### https://security.stackexchange.com/questions/167579/what-is-the-difference-between-a-payload-and-shellcode\n\n### https://pentest.blog/tag/shellcode/\n\n## Windows SEH\n\n### https://medium.datadriveninvestor.com/exploiting-millennium-mp3-studio-2-0-with-shellcode-payload-82f815bc809b\n\n### https://pdfcoffee.com/lab4-windows-seh-overflow-mp3-pdf-free.html\n\n### https://github.com/killvxk/Windows-Exploit-Development-practice/blob/master/Millenium-MP3-Studio-seh-calc.py\n\n### https://www.exploit-db.com/exploits/9298\n\n### https://packetstormsecurity.com/files/90291/MP3-Studio-1.0-Buffer-Overflow.html\n\n### https://vulners.com/exploitdb/EDB-ID:9286\n\n### https://www.exploit-db.com/exploits/42155\n\n### https://www.onsecurity.io/blog/buffer-overflow-easy-chat-server-31/\n\n### https://pdfcoffee.com/lab5-windows-seh-overflow-easychat-pdf-free.html\n\n### https://www.rapid7.com/db/modules/exploit/windows/http/easychatserver_seh/\n\n### https://www.youtube.com/watch?v=WyYj5kOCFjo\n\n### https://www.doyler.net/security-not-included/easy-chat-server-exploit\n\n### https://www.digitalmunition.me/seh-buffer-overflow-in-easy-chat-server-1/\n\n### https://sec4us.com.br/treinamentos/desenvolvimento-de-exploits-32-bits/\n\n## Fuzzing\n\n### https://www.udemy.com/course/hands-on-exploit-development-advanced/\n\n### https://www.exploit-db.com/docs/english/18924-uncovering-zero-days-and-advanced-fuzzing---slides.pdf\n\n### https://cqureacademy.com/cyber-security-training/exploit-development\n\n### https://www.youtube.com/watch?v=3Kc_joW2YgM\n\n### https://www.youtube.com/watch?v=ltYE6kbEasM\n\n### https://www.youtube.com/watch?v=50qxktPm5ic\n\n### https://www.offensive-security.com/metasploit-unleashed/writing-simple-fuzzer/\n\n### https://www.hackers-arise.com/post/2017/06/21/exploit-development-part-3-finding-vulnerabilities-by-fuzzing-with-spike\n\n### https://www.deepcode.ca/index.php/2017/03/20/software-exploit-development-fuzzing-with-afl/\n\n### https://resources.infosecinstitute.com/topic/intro-to-fuzzing/\n\n### https://github.com/guilhermeferreira/spikepp\n\n### https://www.blackhat.com/presentations/bh-usa-02/bh-us-02-aitel-spike.ppt\n\n## ASLR Bypass\n\n### https://www.youtube.com/watch?v=mPbHroMVepM\n\n### https://i.blackhat.com/briefings/asia/2018/asia-18-Marco-return-to-csu-a-new-method-to-bypass-the-64-bit-Linux-ASLR-wp.pdf\n\n### https://github.com/cryptolok/ASLRay\n\n### http://hmarco.org/cyber-security/attacks/bypass64bitsASLRLinux/offset2lib-attack.html\n\n### https://www.hacking.land/2017/10/aslray-linux-elf-x32-and-x64-aslr.html?m=1\n\n### https://codingvision.net/bypassing-aslr-dep-getting-shells-with-pwntools\n\n### https://www.youtube.com/watch?v=Pht6y4p63SE\n\n### https://www.youtube.com/watch?v=gxU3e7GbC-M\n\n## Shellcode Resource\n\n### https://github.com/alphaSeclab/shellcode-resources\n\n### https://drive.google.com/drive/folders/12Mvq6kE2HJDwN2CZhEGWizyWt87YunkU\n\n### https://medium.com/@coturnix97/exploit-exercises-protostar-stack-5-963731ff4b71\n\n### https://github.com/helviojunior/shellcodetester\n\n### https://github.com/hellman/shtest\n\n### https://github.com/NullByteGTK/Shellcode-Tester\n\n### https://github.com/NytroRST/ShellcodeCompiler\n\n### https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/\n\n### https://github.com/shayanzare/obj2shellcode\n\n### https://reverseengineering.stackexchange.com/questions/15925/how-can-i-export-only-the-opcodes-from-objdump-or-any-other-program\n\n### https://www.commandlinefu.com/commands/view/6051/get-all-shellcode-on-binary-file-from-objdump\n\n### https://daemoniolabs.wordpress.com/2012/03/17/transformar-saida-do-objdump-para-shellcode/\n\n### https://stackoverflow.com/questions/52369994/get-shellcode-from-object-dump-the-right-way\n\n### http://www.tecland.com.br/palestras/01/01-construindo_shellcodes_por_victor.pdf\n\n### https://www.exploit-db.com/docs/english/21013-shellcoding-in-linux.pdf\n\n## Shellcode x32\n\n### http://shell-storm.org/shellcode/files/shellcode-827.php\n\n### http://shell-storm.org/shellcode/files/shellcode-811.php\n\n### https://www.exploit-db.com/exploits/44321\n\n### https://vulners.com/zdt/1337DAY-ID-27788\n\n### https://github.com/MrEcco/lzw-shellcode\n\n### https://www.offensive-security.com/metasploit-unleashed/alphanumeric-shellcode/\n\n### https://github.com/SkyBulk/exploit-development/blob/master/codes/easy_rm_2.7_3_700_call_esp_jmp_esp.py\n\n### https://www.exploit-db.com/exploits/42428\n\n### https://reverseengineering.stackexchange.com/questions/25672/reason-of-padding-in-exploit\n\n### https://packetstormsecurity.com/files/156478/Windows-x86-Null-Free-WinExec-Calc.exe-Shellcode.html\n\n### https://br-sn.github.io/OSCE-Prep-Vulnserver-KSTET-Win32-API/\n\n### https://www.vividmachines.com/shellcode/shellcode.html\n\n### https://www.oreilly.com/library/view/metasploit-for-beginners/9781788295970/2717da98-f9c0-4901-a43e-6e4bac4f841d.xhtml\n\n### https://snowscan.io/custom-encoder/\n\n### https://owasp.org/www-pdf-archive//HackPraAllstars_Rooting_Your_Internals_-_Michele_Orru.pdf\n\n### https://forum.hackthebox.eu/discussion/4593/shellcode-crashes-after-made-connection-to-netcat-in-stack-base-buffer-overflow-tutorial\n\n### https://www.ired.team/offensive-security/code-injection-process-injection/executing-shellcode-with-createfiber\n\n### https://www.codeproject.com/Articles/5304605/Creating-Shellcode-from-any-Code-Using-Visual-Stud\n\n### https://systemoverlord.com/2014/06/05/minimal-x86-64-shellcode-for-binsh/\n\n### https://github.com/PacktPublishing/Penetration-Testing-with-Shellcode\n\n## Shellcode x64\n\n### https://github.com/MrEcco/lzw-shellcode\n\n### https://www.exploit-db.com/exploits/42179\n\n### https://www.exploit-db.com/exploits/46907\n\n### http://shell-storm.org/shellcode/files/shellcode-806.php\n\n### https://bufferoverflows.net/developing-custom-shellcode-x64-linux/\n\n### https://packetstormsecurity.com/files/162210/Linux-x64-execve-bin-sh-Shellcode.html\n\n### https://zerosum0x0.blogspot.com/2014/12/there-are-many-versions-of-execve.html\n\n### https://gist.github.com/matterpreter/03e2bd3cf8b26d57044f3b494e73bbea\n\n### https://ciberseguridad.blog/como-automatizar-la-extraccion-del-shellcode-de-cobalt-strike/\n\n### https://epi052.gitlab.io/notes-to-self/blog/2018-08-04-x64-linux-metasploit-execve-bin-sh-shellcode-analysis/\n\n### https://wajid-nawazish.medium.com/developing-custom-shellcode-in-x64-57172a885d77\n\n### https://owasp.org/www-pdf-archive/Introduction_to_shellcode_development.pdf\n\n### https://www.tosone.cn/ExploitDatabase/index.html?type=shellcode\n\n### https://nytrosecurity.com/2019/06/30/writing-shellcodes-for-windows-x64/\n\n### https://sec4us.com.br/cheatsheet/shellcoding\n\n### https://hackerculture.com.br/?p=1059\n\n### https://www.youtube.com/watch?v=rfML5DWgIfM\n\n### https://silviavali.github.io/blog/2019-05-01-blog-SLAE51/\n\n### https://www.programmersought.com/article/23716896022/\n\n### https://www.pwnwiki.org/index.php/Linux/x64_-_execve_(cat_/etc/shadow)_Shellcode_(66_bytes)\n\n### https://docs.pwntools.com/en/stable/shellcraft/amd64.html\n\n### https://crypto.stanford.edu/~blynn/rop/\n\n### https://mmquant.net/analysis-of-metasploit-linux-x64-exec-shellcode/\n\n### https://systemoverlord.com/2014/06/05/minimal-x86-64-shellcode-for-binsh/\n\n## Awesome Exploit Development\n\n### https://github.com/CyberSecurityUP/AWESOME-EXPLOIT-DEVELOPMENT\n\n### https://git.plociennik.info/barszczuch/hakowanie/raw/master/2/awesome-exploit-development.pdf\n\n### https://github.com/FabioBaroni/awesome-exploit-development\n\n### https://www.offensive-security.com/category/vulndev/\n\n### https://onehack.us/t/awesome-exploit-development-massive-resources-collection/189926\n\n### https://0x00sec.org/t/material-for-learning-exploit-development/1727\n\n### https://github.com/wetw0rk/Exploit-Development\n\n### https://github.com/SkyBulk/exploit-development\n\n### https://github.com/jopraveen/exploit-development\n\n### https://github.com/freddiebarrsmith/Advanced-Windows-Exploit-Development-Practice\n\n### https://github.com/freddiebarrsmith/Buffer-Overflow-Exploit-Development-Practice/blob/master/README.md\n\n### https://github.com/RackunSec/Exploit-Development\n\n### https://github.com/tagnullde/Exploit-Development\n\n### https://github.com/so87/Exploit-Development-and-Pentesting\n\n### https://github.com/gh0x0st/Buffer_Overflow\n\n### https://github.com/johnjhacking/Buffer-Overflow-Guide\n\n### https://github.com/Tib3rius/Pentest-Cheatsheets/blob/master/exploits/buffer-overflows.rst\n\n### https://github.com/joshua17sc/Buffer-Overflows\n\n### https://github.com/helviojunior/live_bufferoverflow\n\n### https://github.com/shashijangra22/Buffer-Overflow-Attack\n\n### https://github.com/Andy53/BufferOverflowExample\n\n### https://github.com/npapernot/buffer-overflow-attack\n\n### https://github.com/freddiebarrsmith/Buffer-Overflow-Exploit-Development-Practice\n\n## Assembly Language\n\n### https://github.com/topics/assembly-language\n\n### https://github.com/Apress/modern-x86-assembly-language-programming\n\n### https://github.com/0xAX/asm\n\n### https://github.com/Nxumalo/Assembly-Code\n\n### https://github.com/topics/assembly-programming\n\n### https://github.com/topics/assembly-x86\n\n### https://assembly-area55.github.io/nasm\n\n### https://www.cin.ufpe.br/~eaa3/Arquivos/Assembly/Assembly%20x86%20NASM.pdf\n\n### https://www.youtube.com/watch?v=W8UTCqWb2eQ\n\n### https://www.youtube.com/watch?v=JjnjrfQla3k\n\n### https://github.com/7h3w4lk3r/x86-nasm\n\n### https://rudamoura.com/x86.html\n\n### https://www.youtube.com/watch?v=wLXIWKUWpSs\n\n### https://www.youtube.com/watch?v=HgEGAaYdABA\n\n### https://www.youtube.com/watch?v=dkjfZyJvO0I\n\n### https://www.cs.virginia.edu/~evans/cs216/guides/x86.html\n\n### https://software.intel.com/content/www/us/en/develop/articles/introduction-to-x64-assembly.html\n\n### https://www.youtube.com/watch?v=rxsBghsrvpI\n\n### https://cs.brown.edu/courses/cs033/docs/guides/x64_cheatsheet.pdf\n\n### https://docs.microsoft.com/pt-br/cpp/assembler/masm/masm-for-x64-ml64-exe?view=msvc-160\n\n## Shellcode Development\n\n### https://www.youtube.com/watch?v=tlD6qwI9iN4\n\n### https://www.youtube.com/watch?v=0-_Wtz5L9ZY\n\n### https://www.youtube.com/watch?v=74Y_w2_MgpY\n\n### https://www.youtube.com/watch?v=Xvh8FkczNUc\n\n### https://www.youtube.com/watch?v=QEkjHunT5Cs\n\n### https://www.youtube.com/watch?v=rvZsvSH2pXo\n\n### https://www.youtube.com/watch?v=6MnC3CiT_tc\n\n### https://www.youtube.com/watch?v=CMJqeDcghws\n\n### https://www.youtube.com/watch?v=DZKjidulQak\n\n### https://www.pluralsight.com/courses/exploit-development-execution-metasploit-framework\n\n### https://www.youtube.com/watch?v=oS2O75H57qU\n\n## C Language \n\n### https://www.youtube.com/watch?v=QpAhX-gsHMs\n\n### https://www.youtube.com/watch?v=oZeezrNHxVo\n\n### https://www.edx.org/learn/c-programming\n\n### https://www.udemy.com/course/the-complete-c-programming/\n\n### https://medium.com/javarevisited/9-free-c-programming-courses-for-beginners-2486dff74065\n\n### https://www.java67.com/2020/07/5-free-courses-to-learn-c-programming.html\n\n### https://cppinstitute.org/free-c-and-c-courses\n\n### https://github.com/trending/c\n\n### https://github.com/topics/c-programming\n\n### https://github.com/PacktPublishing/Learn-C-Programming\n\n### https://github.com/gouravthakur39/beginners-C-program-examples\n\n### https://github.com/Heatwave/The-C-Programming-Language-2nd-Edition\n\n### https://github.com/roatienza/C-Programming\n\n### https://www.thegeekstuff.com/2013/06/buffer-overflow/\n\n### https://www.tallan.com/blog/2019/04/04/exploring-buffer-overflows-in-c-part-two-the-exploit/\n\n### https://www.youtube.com/watch?v=ytGATjX3nqc\n\n### https://www.youtube.com/watch?v=CQ6pGrXY1Us\n\n### https://www.youtube.com/watch?v=cHj4UkzcKwU\n\n### https://www.ired.team/offensive-security/code-injection-process-injection/writing-and-compiling-shellcode-in-c\n\n### https://adriancitu.com/2015/08/31/introduction-to-linux-shellcode-writing-part-1/\n\n### https://www.programmersought.com/article/186042228/\n\n### https://security.stackexchange.com/questions/176495/executing-a-msfvenom-shellcode-in-c-program\n\n### https://bufferoverflows.net/developing-custom-shellcode-x64-linux/\n\n### https://0x00sec.org/t/linux-shellcoding-part-1-0/289\n\n## Reviews\n\n### https://osandamalith.com/2020/06/25/my-journey-into-ecxd-elearnsecurity-certified-exploit-developer/\n\n### https://medium.com/kminthein/ecxd-review-813960dfc07b\n\n### https://itnext.io/xds-v1-elearnsecurity-course-review-cda5bb12f95b\n\n### https://www.reddit.com/r/eLearnSecurity/comments/iwh1kt/review_of_ecxd_and_ecre_elearnsecurity_courses/\n\n### https://mayaseven.com/elearnsecurity-certified-exploit-developer-ecxd-review/\n\n## Linux Stack Smashing\n\n### https://stackoverflow.com/questions/1345670/stack-smashing-detected\n\n### https://pt.stackoverflow.com/questions/305310/erro-stack-smashing-detected-em-c\n\n### https://www.educative.io/edpresso/what-is-the-stack-smashing-detected-error\n\n### https://www.vivaolinux.com.br/topico/C-C++/-stack-smashing-detected-unknown-terminated\n\n### https://wiki.gentoo.org/wiki/Stack-smashing-debugging-guide\n\n### https://www.exploit-db.com/papers/24085\n\n### https://www.thegeekstuff.com/2013/02/stack-smashing-attacks-gcc/\n\n### https://access.redhat.com/blogs/766093/posts/3548631\n\n### https://www.programmersought.com/article/40995878204/\n\n### https://www.sans.org/blog/stack-canaries-gingerly-sidestepping-the-cage/\n\n### http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.135.2164\u0026rep=rep1\u0026type=pdf\n\n### https://devconnected.com/how-to-show-hidden-files-on-linux/#:~:text=The%20easiest%20way%20to%20show,%E2%80%9D%20option%20for%20%E2%80%9Call%E2%80%9D.\u0026text=For%20example%2C%20in%20order%20to,show%20hidden%20files%20on%20Linux.\n\n### https://serverfault.com/questions/2817/hidden-features-of-linux\n\n### https://www.youtube.com/watch?v=AO4_M-l8B5U\n\n## Ret2libc\n\n### https://www.programmersought.com/article/2475157601/\n\n### https://www.youtube.com/watch?v=-cLLR-ZeTss\n\n### https://www.youtube.com/watch?v=HjiiYB4AXI8\n\n### https://github.com/nnamon/linux-exploitation-course/blob/master/lessons/7_bypass_nx_ret2libc/lessonplan.md\n\n### https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/babys-first-nxplusaslr-bypass/\n\n### https://pdfcoffee.com/lab10-linux-nx-bypass-pdf-free.html\n\n### https://pdfcoffee.com/lab11-linux-x64-nx-bypass-pdf-free.html\n\n### https://sploitfun.wordpress.com/2015/05/08/bypassing-nx-bit-using-return-to-libc/\n\n### https://nandynarwhals.org/ret2libc-namedpipes/\n\n### https://petruknisme.com/2019/07/09/smashthetux-chapter-0x00-basic-buffer-overflow-ret2libc/\n\n## LinkedIn\n\n### https://www.linkedin.com/in/joas-antonio-dos-santos\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcybersecurityup%2Fecxd-preparation","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcybersecurityup%2Fecxd-preparation","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcybersecurityup%2Fecxd-preparation/lists"}