Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/HenryHoggard/awesome-arm-exploitation

A collection of awesome videos, articles, books and resources about ARM exploitation.
https://github.com/HenryHoggard/awesome-arm-exploitation

List: awesome-arm-exploitation

arm awesome awesome-list exploitation security

Last synced: about 2 months ago
JSON representation

A collection of awesome videos, articles, books and resources about ARM exploitation.

Awesome Lists containing this project

README

        

# Awesome ARM Exploitation

[![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)

A collection of awesome videos, articles, books, tools and resources about ARM exploitation.

## Contents
* [Conference Talks / Videos](#conference-talks--videos)
* [Articles / Papers](#articles--papers)
* [Resources](#resources)
* [CTF / Training Binaries](#ctf--training-binaries)
* [Books](#books)
* [Tools](#tools)
* [Courses](#courses)
* [Related Awesome Lists](#related-awesome-lists)
* [Contributing](#contributing)

## Conference Talks / Videos
* [Exploitation on ARM](https://www.youtube.com/watch?v=kykVyJ0dm8Y) - Itzhak Avraham - Defcon 18 (2010)
* [ARM Exploitation ROPMAP](https://www.youtube.com/watch?v=VDyf_tJ8IUg) - Long Le - Blackhat USA (2011)
* [Advanced ARM Exploitation](https://www.youtube.com/watch?v=gdsPydfBfSA) - Stephen Ridley & Stephen Lawler - Blackhat USA (2012)
* [ARM Assembly and Shellcode Basics](https://www.youtube.com/watch?v=BhjJBuX0YCU) - Saumil Shah - 44CON (2017)
* [Heap Overflow Exploits for Beginners (ARM Exploitation Tutorial)](https://www.youtube.com/watch?v=L8Ya7fBgEzU) - Billy Ellis (2017)
* [Introduction to Exploitation on ARM64](https://www.youtube.com/watch?v=xVyH68HFsQU) - Billy Ellis - Codetalks (2018)
* [Make ARM Shellcode Great Again](https://www.youtube.com/watch?v=9tx293lbGuc) - Saumil Shah - Hack.lu (2018)
* [ARM Memory Tagging, how it improves C++ memory safety](https://www.youtube.com/watch?v=iP_iHroclgM) - Kostya Serebryany - LLVM (2018)
* [Breaking Samsung's ARM Trustzone](https://i.blackhat.com/USA-19/Thursday/us-19-Peterlin-Breaking-Samsungs-ARM-TrustZone.pdf)
* [Hacker Nightmares: Giving Hackers a Headache with Exploit Mitigations](https://www.youtube.com/watch?v=riQ-WyYrxh4) - Azeria - Virtual Arm Research Summit (2020)

## Articles / Papers
* [ARM Assembly Basics Series](https://azeria-labs.com/writing-arm-assembly-part-1/) - Azeria
* [ARM Binary Exploitation Series](https://azeria-labs.com/writing-arm-shellcode/) - Azeria
* [Smashing the ARM Stack](https://www.merckedsecurity.com/blog/smashing-the-arm-stack-part-1) - Mercked Security
* [Introduction to ARMv8 64-bit Architecture](https://quequero.org/2014/04/introduction-to-arm-architecture/) - pnuic
* [Alphanumeric RISC ARM Shellcode](http://phrack.org/issues/66/12.html) - (Phrack) - Yves Younan, Pieter Philippaerts
* [Return-Oriented Programming on a Cortex-M Processor](https://ieeexplore.ieee.org/document/8029521)
* [3or ARM Exploitation Series](https://blog.3or.de/arm-exploitation-return-oriented-programming.html) - Dimitrios Slamaris
* [Developing StrongARM/Linux Shellcode](http://www.phrack.com/issues/58/10.html) - (Phrack) - funkysh
* [Reversing and Exploiting ARM Binaries](http://www.mathyvanhoef.com/2013/12/reversing-and-exploiting-arm-binaries.html) - Mathy Vanhoef
* [ARM Exploitation for IoT Series](https://quequero.org/2017/07/arm-exploitation-iot-episode-1/) - Andrea Sindoni
* [Reverse Engineering of ARM Microcontrollers](https://rdomanski.github.io/Reverse-engineering-of-ARM-Microcontrollers/) - Rdomanski
* [ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow
](http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/) - HighAltitudeHacks

## Resources

* [ARM Architecture Reference Manual](http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.subset.architecture.reference/index.html)
* [Online ARM Assembler](https://azm.azerialabs.com/)
* [ARM TEE Reversing and Exploitation](https://github.com/enovella/TEE-reversing)

## CTF / Training Binaries

* [Exploit Me](https://github.com/bkerler/exploit_me)
* [Exploit Challenges](https://github.com/Billy-Ellis/Exploit-Challenges)
* [Azeria ARM Lab](https://azeria-labs.com/emulate-raspberry-pi-with-qemu/)

## Books

* [Practical Reverse Engineering](https://www.wiley.com/en-us/Practical+Reverse+Engineering%3A+x86%2C+x64%2C+ARM%2C+Windows+Kernel%2C+Reversing+Tools%2C+and+Obfuscation-p-9781118787311) (Chapter 2) - Bruce Dang, Alexandre Gazet and Elias Bachalany
* [Beginners Guide to Exploitation on ARM](https://zygosec.com/book.html) - Volumes 1 & 2 - Billy Ellis
* [ARM Assembly Language: Fundamentals & Techniques](https://www.amazon.co.uk/ARM-Assembly-Language-Fundamentals-Techniques/dp/1439806101) - William Hohl

## Tools

* [Ropper](https://github.com/sashs/Ropper)

## Courses

* [Azeria ARM Training](https://training.azeria-labs.com/)
* [Pentest Academy ARM Assembly](https://www.pentesteracademy.com/course?id=46)
* [Pentest Academy Reverse Engineering for ARM Platforms](https://www.pentesteracademy.com/course?id=49)
* [IHackArm Offensive ARM Exploitation](https://ihackarm.com/)

## Related Awesome Lists

* [Awesome Android Security](https://github.com/ashishb/android-security-awesome)
* [Awesome iOS Security](https://github.com/ashishb/osx-and-ios-security-awesome)
* [Awesome IoT Hacks](https://github.com/nebgnahz/awesome-iot-hacks)
* [Awesome Exploit Development](https://github.com/FabioBaroni/awesome-exploit-development)

## [Contributing](CONTRIBUTING.md)

Your contributions are always welcome!