Lista de recursos para explotación en Windows

Pululando por la red encontré un proyecto en Github con una impresionante lista de recursos para explotar Windows, y otras cosas brillantes:

https://github.com/enddo/awesome-windows-exploitation

Si quieres aportar tu granito de arena no lo dudes y echa un vistazo su guía para contribuir. Alguna información tiene ya bastante tiempo pero merece la pena seguir la mayoría de los enlaces por el gran valor académico que tienen. A mi de momento me tendrá horas días semanas entretenido ;)

bon appétit!

Windows stack overflows

Stack Base Overflow Articles.

Windows heap overflows

Heap Base Overflow Articles.

Kernel based Windows overflows

Kernel Base Exploit Development Articles.

Return Oriented Programming

Windows memory protections

Windows memory protections Introduction Articles.

Bypassing filter and protections

Windows memory protections Bypass Methods Articles.

Typical windows exploits

Exploit development tutorial series

Exploid Development Tutorial Series Base on Windows Operation System Articles.

Tools

Disassemblers, debuggers, and other static and dynamic analysis tools.
  • angr - Platform-agnostic binary analysis framework developed at UCSB's Seclab.
  • BARF - Multiplatform, open source Binary Analysis and Reverse engineering Framework.
  • binnavi - Binary analysis IDE for reverse engineering based on graph visualization.
  • Bokken - GUI for Pyew and Radare.
  • Capstone - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
  • codebro - Web based code browser using clang to provide basic code analysis.
  • dnSpy - .NET assembly editor, decompiler and debugger.
  • Evan's Debugger (EDB) - A modular debugger with a Qt GUI.
  • GDB - The GNU debugger.
  • GEF - GDB Enhanced Features, for exploiters and reverse engineers.
  • hackers-grep - A utility to search for strings in PE executables including imports, exports, and debug symbols.
  • IDA Pro - Windows disassembler and debugger, with a free evaluation version.
  • Immunity Debugger - Debugger for malware analysis and more, with a Python API.
  • ltrace - Dynamic analysis for Linux executables.
  • objdump - Part of GNU binutils, for static analysis of Linux binaries.
  • OllyDbg - An assembly-level debugger for Windows executables.
  • PANDA - Platform for Architecture-Neutral Dynamic Analysis
  • PEDA - Python Exploit Development Assistance for GDB, an enhanced display with added commands.
  • pestudio - Perform static analysis of Windows executables.
  • Process Monitor - Advanced monitoring tool for Windows programs.
  • Pyew - Python tool for malware analysis.
  • Radare2 - Reverse engineering framework, with debugger support.
  • SMRT - Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analyis.
  • strace - Dynamic analysis for Linux executables.
  • Udis86 - Disassembler library and tool for x86 and x86_64.
  • Vivisect - Python tool for malware analysis.
  • X64dbg - An open-source x64/x32 debugger for windows.

Comentarios