| Author |
Langage |
Description |
|
|
|
| Payer & Teufl & Lamberger | English | Hybrid Engine for Polymorphic Shellcode Detection |
| akash,junghee,mpoli,liblit | English | Path Optimization in Programs and its Application to Debugging |
| Itzhak (Zuk) Avraham | English | Non-Executable Stack ARM Exploitation |
| ARM University Program | English | The ARM Instruction Set |
| ARM doc | English | ARM Addressing Modes Quick Reference Card |
| Agner Fog | English | Calling conventions for different C++ compilers and operating systems |
| Tim Newsham | English | Format String Attacks |
| sud0 | English | Bypassing DEP with WPM & ROP |
| scut / team teso | English | Exploiting Format String Vulnerabilities |
| Maximiliano Caceres | English | Syscall Proxying - Simulating remote execution |
| j00ru & Gynvael Coldwind | English | GDT and LDT in Windows kernel vulnerability exploitation |
| Peter Van Eeckhoutte | English | Exploit writing tutorial part 8 : Win32 Egg Hunting |
| P.Fayolle & V.Glaume | English | A Buffer Overflow Study Attacks & Defenses |
| funkysh | English | Developing StrongARM/Linux shellcode |
| K.Fenzi & D.Wreski | English | Linux Security HOWTO |
| linuxsecurity.com | English | Linux Security Quick Reference Guide |
| Peter Van Eeckhoutte | English | Exploit writing tutorial part 7 : Unicode – from 0×00410041 to calc |
| Peter Van Eeckhoutte | English | Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, HW DEP and ASLR |
| Peter Van Eeckhoutte | English | Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development |
| Peter Van Eeckhoutte | English | Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics |
| Peter Van Eeckhoutte | English | Exploit writing tutorial part 3b : SEH Based Exploits – just another example |
| Peter Van Eeckhoutte | English | Exploit writing tutorial part 3 : SEH Based Exploits |
| Peter Van Eeckhoutte | English | Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode |
| Peter Van Eeckhoutte | English | Exploit writing tutorial part 1 : Stack Based Overflows |
| Alexandr Polyakov | English | SAP security: attacking sap client |
| Yingbo Song | English | On the Infeasibility of Modeling Polymorphic Shellcode |
| Fermin J. Serna | English | Polymorphic Shellcodes vs. Application IDSs |
| Peter Teufl | English | Hybrid Engine for Polymorphic Shellcode Detection |
| Michalis Polychronakis | English | Network-Level Polymorphic Shellcode Detection Using Emulation |
| Jianwei Huang | English | Reverse Engineering MAC: A Non-Cooperative Game Model [2] |
| Pamela Samuelson | English | The Law and Economics of Reverse Engineering |
| Aaron Portnoy | English | Reverse Engineer’s Cookbook |
| Timothy S. Gardner | English | Reverse-engineering transcription control networks |
| skape | English | Reverse Engineering: Memory Analysis |
| Weidong Cui | English | Tupni: Automatic Reverse Engineering of Input Formats |
| Pamela Samuelson | English | REVERSE ENGINEERING UNDER SIEGE |
| J-M. Petit | English | Towards the Reverse Engineering of Denormalized Relational Databases |
| r10jm.ps | English | Reverse Engineering and Program Understanding |
| M.Shang & W.Du | English | System Call Sequence (_chmod example) |
| Jialong He | English | LINUX System Call Quick Reference |
| D.Mazzocchio | English | Writing shellcode for Linux and *BSD |
| scut/teso | English | Writing MIPS/IRIX shellcode |
| ngssoftware.com | English | Writing Small Shellcode |
| nologin.org | English | Safely Searching Process Virtual Address Space |
| B-r00t | English | PowerPC / OS X (Darwin) Shellcode Assembly |
| nologin.org | English | Understanding Windows Shellcode |
| H D Moore | English | Mac OS X PPC Shellcode Tricks |
| spoonm | English | Recent Shellcode Developments |
| Tim Hurman | English | Exploring Windows CE Shellcode |
| Masaki Suenaga | English | Evolving Shell Code (Symantec) |
| Barabas | English | Pratical Linux Shellcode |
| Kezhaya & Joglekar | English | Writing shellcode exploits for VoIP phones |
| Nightmare | English | PE Infection – How to Inject a dll |
| Robert Calderbank | English | Reverse Engineering MAC Protocol |
| Karsten Nohl | English | Reverse-Engineering a Cryptographic RFID Tag |
| John Aycock | English | UCPy: Reverse-Engineering Python |
| Paul Vincent Sabanal | English | Reversing C++ |
| Omer Berkman | English | The unbearable lightness of PIN cracking |
| Mike Bond | English | Decimalisation Table Attacks for PIN Cracking |
| Aelphaeis Mangarae | English | Learn Information Gathering By Example |
| Aelphaeis Mangarae | English | SEH Overwrites Simplified v1.01 |
| Aelphaeis Mangarae | English | Cracking the basics |
| Aelphaeis Mangarae | English | Steganography FAQ |
| Aelphaeis Mangarae | English | Hardening Windows NT |
| hEYWIRE | English | Cyclic Redundancy Check (CRC) |
| Aelphaeis Mangarae | English | Assault on PHP Applications |
| Lavakumar Kuppan | English | Bypassing Web Application Firewalls with HTTP Parameter Pollution |
| David Kennedy | English | Bypassing Hardware Based Data Execution Prevention (DEP) On Windows 2003 SP2 |
| Jason R. Davis | English | MPI and Password Cracking |
| Eric Botcazou | English | Compile-time stack requirements analysis with GCC |
| Peter Brass | English | Elementary Structures |
| Malcolm Heywood | English | On Evolving Buffer Overflow Attacks Using Genetic Programming |
| Nick Feamster | English | Wireless Security and Buffer Overflows |
| Zhimin Gu | English | Buffer Overflow Attacks on Linux Principles Analyzing and Protection |
| Brian Fellowes | English | Debugging multi-threaded applications with RTOS-aware tools |
| Eric Chien & Peter Szor | English | Blended attacks exploits, Vulnerabilities and Buffer-Overlow Techinques |
| n/a | English | Building A Simple Stack Abstraction |
| Stefan Schauer | English | Experiencing Enhanced Emulation Debugging |
| Igor Yuklyanyuk | English | Stack Based Buffer Overflows and Protection Mechanisms |
| Zili Shao | English | Defending Embedded Systems Against Buffer Overflow via Hardware/Software |
| Thomas W. Olzak | English | Web Application Security - Buffer Overflows: Are you really at risk? |
| Maxim | English | Implementing a Soft Stack in Data Memory on the MAXQ2000 |
| Marius Gafen | English | Alternative Java Threading Designs for Real-Time Environments |
| Asia Slowinska | English | Accurate analysis of heap and stack overflows by means of age stamps |
| Nicolas Falliere | English | Bypassing Windows heap protections |
| Greg Hoglund | English | The cross-page overwrite and it’ application in heap overflows |
| YJ.Park & G.Lee | English | Repairing Return Address Stack for Buffer Overflow Protection |
| A.Iyer & M. Liebrock | English | Vulnerability Scanning for Buffer Overflow |
| André Zuquete | English | StackFences: a run-time approach for detecting stack overflows |
| Ali Rahbar | English | Stack overflow on Windows XP SP2 |
| Yoonseo Choi | English | Optimal Register Reassignment for Register Stack Overflow Minimization |
| Yair Wiseman | English | Eliminating the Threat of Kernel Stack Overflows |
| Michael Ligh | English | Compression Plus and Tumbleweed EMF Stack Overflow Security Advisory |
| Malcolm Heywood | English | Evolving Successful Stack Overflow Attacks for Vulnerability Testing |
| n/a | English | Analysis of ANI “anih” Header Stack Overflow Vulnerability |
| npouvesle | English | NetWare Kernel Stack Overflow Exploitation |
| Ryan Smith | English | RARLab’s WinRAR Local Stack Overflow |
| Adrian Dunston | English | Stack Overflow: A Great Place for Answers |
| Alexander Sotirov | English | Heap Feng Shui in JavaScript |
| Sergio Alvarez | English | Win32 Stack BufferOverFlow Real Life Vuln-Dev Process |
| Aelphaeis Mangarae | English | Stack Overflow Exploitation Explained |
| steve hanna | English | Shellcoding for Linux and Windows Tutorial |
| Nicolas Falliere | English | Anatomy of a Malware |
| Luke Jennings | English | Security Implications of Windows Access Tokens |
| Charalambous Glafkos | English | Securing & Hardening Linux v1.0 |
| Brett Moore | English | Access Through Access |
| warlord | English | ActiveX - Active Exploitation |
| Alex Hernandez | English | Symantec Altiris Deployment Solution Elevation of Privileges Vulnerabilities |
| N.George & C.Glafkos | English | Reverse Engineering: Anti-Cracking Techniques |
| N.George & C.Glafkos | English | Reverse Engineering: Smashing the Signature |
| Jeremy Brown | English | A Useful Approach to Finding Bugs |
| mxatone | English | Analyzing local privilege escalations in win32k |
| skape | English | Using dual-mappings to evade automated unpackers |
| Chaitanya Sharma | English | TippingPoint IPS Signature Evasion through Packet Fragmentation |
| Feathers McGraw | English | Using (ShoutBoxes) to control malicious software |
| Bui Quang Minh | English | How Conficker makes use of MS08-067 |
| Nightmare | English | Reverse Code Engineering (RCE) |
| Sergey Rublev | English | WPAD TECHNOLOGY WEAKNESSES |
| Luca Carettoni | English | HTTP Parameter Pollution |
| Kim Davies | English | DNS Cache Poisoning Vulnerability |
| C.Cowan & P.Wagle ... | English | Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade |
| Trent Nelson | English | Common Control System Vulnerability |
| Mitja Kolsek | English | Session Fixation Vulnerability in Web-based Applications |
| Charlie Miller | English | The Legitimate Vulnerability Market |
| NIST | English | PBX Vulnerability Analysis |
| David Litchfield | English | Lateral SQL Injection: A ew Class of Vulnerability in Oracle |
| Jeffrey R. Jones | English | Browser Vulnerability Analysis |
| securityevaluators.com | English | Engineering Heap Overflow Exploits with JavaScript |
| X.Wang & CC.Pan ... | English | A Signature-free Buffer Overflow Attack Blocker |
| Sebastian Krahmer | English | x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique |
| alexander steven | English | Defeating compiler-level buffer overflow protection |
| Michael Zhivich | English | Dynamic Buffer Overflow Detection |
| David Larochelle | English | Statically Detecting Likely Buffer Overflow Vulnerabilities |
| E.Haugh & M.Bishop | English | Testing C Programs for Buffer Overflow Vulnerabilities |
| O.Ruwase & S.Lam | English | A Practical Dynamic Buffer Overflow Detector |
| David Litchfield | English | Defeating the Stack Based Buffer Overflow Prevention Mechanism of Microsoft Windows 2003 Server |
| David M. Alter | English | Online Stack Overflow Detection on the TMS320C28x DSP |
| Ali Rahbar | English | Stack overflow on Windows Vista |
| Regehr & Reid & Webb | English | Eliminating stack overflow by abstract interpretation |
| Pierre Guillemin | English | Stack Overflow Detection Using The ST9 TIMER/WATCHDOG |
| Peter Winter-Smith | English | Blind Exploitation of Stack Overflow Vulnerabilities |
