Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-windows-exploitation
https://github.com/gavz/awesome-windows-exploitation
Tools
Windows stack overflows
- Win32 Buffer Overflows (Location, Exploitation and Prevention) - by Dark spyrit [1999]
- Writing Stack Based Overflows on Windows - by Nish Bhalla [2005]
Windows heap overflows
- Exploiting the MSRPC Heap Overflow Part 1 - by Dave Aitel (MS03-026) [September 2003]
- Exploiting the MSRPC Heap Overflow Part 2 - by Dave Aitel (MS03-026) [September 2003]
- Windows heap overflow presentation at Black Hat - by David Litchfield [2004]
Kernel based Windows overflows
- How to attack kernel-based vulns on Windows - by a Polish group called “sec-labs” [2003]
- Sec-lab old whitepaper
- Sec-lab old exploit
- How to exploit Windows kernel memory pool - by SoBeIt [2005]
- Exploiting remote kernel overflows in Windows - by eEye Security
- I2OMGMT Driver Impersonation Attack
- Real World Kernel Pool Exploitation
- Intro to Windows Kernel Security Development
- Windows kernel vulnerability exploitation
- Windows Local Kernel Exploitation (based on sec-lab research) - by S.K. Chong [2004]
Windows memory protections
Bypassing filter and protections
- Creating Arbitrary Shellcode In Unicode Expanded Strings - by Chris Anley
- Advanced windows exploitation - by Dave Aitel [2003]
- Defeating the Stack Based Buffer Overflow Prevention Mechanism of Microsoft Windows 2003 Server - by David Litchfield
- Reliable heap exploits, followed by Windows Heap Exploitation (Win2KSP0 through WinXPSP2) - by Matt Conover at CanSecWest 2004
- Exploiting Freelist[0] - by Brett Moore [2005]
- Understanding and bypassing Windows Heap Protection - by Nicolas Waisman [2007]
- Heaps About Heaps - by Brett Moore [2008]
- Bypassing browser memory protections in Windows Vista - by Mark Dowd and Alex Sotirov [2008]
- Attacking the Vista Heap - by Ben Hawkes [2008]
- Defeating DEP the Immunity Way - by Pablo Sole [2008]
- Bypassing SEHOP - by Stefan Le Berre and Damien Cauquil [2009]
- Interpreter Exploitation: Pointer Inference and JIT Spraying - by Dionysus Blazakis [2010]
- Write-up of Pwn2Own 2010 - by Peter Vreugdenhil
- All-in-one 0day presented at RootedCON - by Ruben Santamarta [2010]
- DEP/ASLR bypass using 3rd party - by Shahin Ramezany [2013]
- Token Kidnapping and a super reliable exploit for Windows 2k3 and 2k8 - by Cesar Cerrudo [2008]
- Exploiting Common Flaws in Drivers
Typical windows exploits
- Bypassing DEP by returning into HeapCreate - by Toto
- First public exploit that used ROP to bypass DEP, for the Adobe libTIFF vulnerability
- Token Kidnapping PoC for 2k3 - part 1 - by Cesar Cerrudo
- Token Kidnapping PoC for 2k8 - part 2 - by Cesar Cerrudo
- An exploit that works from Windows 3.1 to Windows 7 (KiTrap0D) - by Tavis Ormandy
- Old MS08-067 Metasploit module, multi-target with DEP bypass
- SMBv2 Exploit - by Stephen Fewer
- First public ASLR bypass exploit using a partial overwrite - by Skape
- Heap spray and bypassing DEP - by Skylined
Exploit development tutorial series
- Exploit writing tutorial part 1 : Stack Based Overflows
- Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode
- Exploit writing tutorial part 3 : SEH Based Exploits
- Exploit writing tutorial part 3b : SEH Based Exploits – just another example
- Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics
- Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development
- Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR
- Exploit writing tutorial part 7 : Unicode – from 0x00410041 to calc
- Exploit writing tutorial part 8 : Win32 Egg Hunting
- Exploit writing tutorial part 9 : Introduction to Win32 shellcoding
- Exploit writing tutorial part 10 : Chaining DEP with ROP – the Rubik’s Cube
- Exploit writing tutorial part 11 : Heap Spraying Demystified
- Part 1: Introduction to Exploit Development
- Part 2: Saved Return Pointer Overflows
- Part 3: Structured Exception Handler (SEH)
- Part 4: Egg Hunters
- Part 5: Unicode 0x00410041
- Part 6: Writing W32 shellcode
- Part 7: Return Oriented Programming
- Windows Exploit Development – Part 1: The Basics
- Windows Exploit Development – Part 2: Intro to Stack Based Overflows
- Windows Exploit Development – Part 3: Changing Offsets and Rebased Modules
- Windows Exploit Development – Part 4: Locating Shellcode With Jumps
- Windows Exploit Development – Part 5: Locating Shellcode With Egghunting
- Windows Exploit Development – Part 6: SEH Exploits
- Windows Exploit Development – Part 7: Unicode Buffer Overflows