{"id":51116146,"url":"https://github.com/hey1me/offsec-books","last_synced_at":"2026-06-24T22:00:59.597Z","repository":{"id":360509840,"uuid":"1229892304","full_name":"hey1me/OffSec-Books","owner":"hey1me","description":"Offensive Security Books","archived":false,"fork":false,"pushed_at":"2026-05-26T17:26:13.000Z","size":833,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-26T19:15:00.247Z","etag":null,"topics":["book","ctf","cybersecurity","offensive-security","reverse-engineering","vulnerability-research"],"latest_commit_sha":null,"homepage":"https://hey1me.org","language":"Markdown","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hey1me.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-05T13:34:25.000Z","updated_at":"2026-05-26T17:26:17.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/hey1me/OffSec-Books","commit_stats":null,"previous_names":["hey1me/offsec-books"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/hey1me/OffSec-Books","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hey1me%2FOffSec-Books","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hey1me%2FOffSec-Books/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hey1me%2FOffSec-Books/releases","manifests_url":"https://repos.ecos
yste.ms/api/v1/hosts/GitHub/repositories/hey1me%2FOffSec-Books/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hey1me","download_url":"https://codeload.github.com/hey1me/OffSec-Books/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hey1me%2FOffSec-Books/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34750953,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-24T02:00:07.484Z","response_time":106,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["book","ctf","cybersecurity","offensive-security","reverse-engineering","vulnerability-research"],"created_at":"2026-06-24T22:00:58.830Z","updated_at":"2026-06-24T22:00:59.588Z","avatar_url":"https://github.com/hey1me.png","language":"Markdown","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Vulnerability Research (VR) \u0026 Offensive Engineering Series\n\nAn expert-level repository dedicated to the pursuit of software flaws in **C**, **x86_64/ARM64 Assembly**, and **Golang**. This series moves from manual binary analysis to automated discovery systems and strategic research operations.\n\n## 📚 Repository Structure\n\n### [1. 
The RE Researcher's Handbook](https://github.com/hey1me/OffSec-Books/tree/main/1.%20The%20RE%20Researcher's%20Handbook)\n**Focus:** The fundamental mindset and toolkit for Reverse Engineering.\n- Tooling (Ghidra, IDA, GDB).\n- Deobfuscation and pattern recognition.\n- Bridging the gap between CTF and real-world research.\n\n### [2. Expert RE for Vulnerability Research](https://github.com/hey1me/OffSec-Books/tree/main/2.%20Expert%20RE%20for%20Vulnerability%20Research)\n**Focus:** Deep-dive analysis of systems and memory.\n- Advanced x86_64/ARM64 architecture.\n- **Go Internals:** Reversing the Go runtime, scheduler, and interfaces.\n- Custom memory allocators and heap primitives.\n\n### [3. Fuzzing \u0026 Program Analysis](http://github.com/hey1me/OffSec-Books/tree/main/3.%20Fuzzing%20\u0026%20Program%20Analysis)\n**Focus:** Engineering the automated hunt.\n- Harness engineering for C and Go.\n- Symbolic execution (Angr/Triton) and Taint analysis.\n- Coverage-guided fuzzing and custom mutators.\n\n### [4. The Economics of Research](http://github.com/hey1me/OffSec-Books/tree/main/4.%20The%20Economics%20of%20Research)\n**Focus:** Strategic operations and target selection.\n- Bug collision probability and ROI analysis.\n- Binary diffing (patch analysis) and target recon.\n- Disclosure methodology and the 0-day market.\n\n### [5. CTF Journey - The Binary Specialist's Path](https://github.com/hey1me/OffSec-Books/tree/main/5.%20CTF%20Journey%20-%20The%20Binary%20Specialist's%20Path)\n**Focus:** Speed-running binary challenges and mastering \"CTF-only\" heap/stack primitives. \n- Techniques for identifying vulnerabilities (Stack, Heap, Logic) and weaponizing them in under 10 minutes.\n- Mastering \"House of\" heap attacks, format string sorcery, and Sigreturn-Oriented Programming (SROP).\n- Using Z3 for complex RE puzzles and building reusable pwntools templates for high-speed exploit delivery.\n\n### [6. 
CTF Journey 2 - Hardened Targets \u0026 Escapes](https://github.com/hey1me/OffSec-Books/tree/main/6.%20CTF%20Journey%202%20-%20Hardened%20Targets%20\u0026%20Escapes/)\n**Focus:** Breaking out of sandboxes (Seccomp), Kernel Pwn, and non-x86 architectures (ARM64/MIPS).\n- Mastering Linux kernel pwn, credential structure manipulation, and bypassing KASLR/SMEP/SMAP.\n- Identifying flaws in Seccomp filters and exploiting container/namespace escapes to reach the host flag.\n- Adapting exploitation primitives to ARM64 (PAC/BTI) and esoteric MIPS/PowerPC environments.\n\n### [7. CTF Journey 3 - Automation \u0026 War-Gaming](https://github.com/hey1me/OffSec-Books/tree/main/7.%20CTF%20Journey%203%20-%20Automation%20\u0026%20War-Gaming/)\n**Focus:** Attack-Defense (A/D) strategy, exploit sniffing, and building automated \"Auto-Pwner\" engines.\n- Engineering traffic sniffers to intercept adversary exploits and performing rapid binary patching under fire.\n- Developing Python frameworks to deploy polymorphic shellcode across large-scale competition infrastructure.\n- Advanced analysis of Golang binaries in competitive environments, focusing on goroutine and runtime vulnerabilities.\n\n### [8. 
DEF CON CTF - The Final Boss](https://github.com/hey1me/OffSec-Books/tree/main/8.%20DEF%20CON%20CTF%20-%20The%20Final%20Boss)\n**Focus:** Championship-level research involving custom ISAs, microkernels, and esoteric hardware emulation.\n- Strategies for lifting unknown Instruction Set Architectures (ISA) to LLVM IR for automated analysis.\n- Auditing and exploiting proprietary game engines and \"bare-metal\" RTOS challenges.\n- Leveraging Unicorn and Capstone to build custom emulators and solvers for mid-game hardware reveals.\n\n---\n\n## ⚖️ License \u0026 Attribution\n\nCopyright (c) 2026 HEY1ME\n\nThis work is licensed under an [Attribution-NonCommercial-ShareAlike 4.0 International License](https://github.com/hey1me/OffSec-Books/blob/main/LICENSE).\n\n**You are free to:**\n- **Share** — copy and redistribute the material in any medium or format.\n- **Adapt** — remix, transform, and build upon the material.\n\n**Under the following terms:**\n- **Attribution** — You must give appropriate credit to [HEY1ME](https://github.com/hey1me).\n- **NonCommercial** — You may not use the material for commercial purposes.\n- **ShareAlike** — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhey1me%2Foffsec-books","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhey1me%2Foffsec-books","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhey1me%2Foffsec-books/lists"}