A collection of resources for my preparation to take the OSEE certification, based on the syllabus from Offensive Security. My review can be found here.
- Exploiting a Safari information leak by Bruno Keith
- Attacking Client-Side JIT Compilers by Samuel Groß
- Exploiting Logic Bugs in JavaScript JIT Engines by Samuel Groß
- Exploit writing tutorial part 10 : Chaining DEP with ROP by Corelan
- Bypass Data Execution Protection (DEP) by Sk0xic
- Exploit Mitigation Techniques - Data Execution Prevention (DEP) by ricksanchez
- Windows SMEP bypass: U=S by Nicolas Economou & Enrique Nissim
- Kernel Exploitation 4: Stack Buffer Overflow (SMEP Bypass) by Mohamed Shahat
- Exploiting CVE-2017-5123 with full protections. SMEP, SMAP, and the Chrome Sandbox! by Chris Salls
- ROP: Pwn the Windows Kernel with return oriented programming by akayn
- Disarming EMET v5.0 by Offensive Security
- Disarming and Bypassing EMET 5.1 by Offensive Security
- Disarming Enhanced Mitigation Experience Toolkit (EMET) by Offensive Security
- Bypassing EMET 5.5 MemProt using VirtualAlloc by Matthias Ganz
- Fldbg, a Pykd script to debug FlashPlayer by Offensive Security
- Heap Overflow Exploitation on Windows 10 Explained by Wei Chen
- Part 8: Spraying the Heap (Vanilla EIP) by FuzzySecurity
- Part 9: Spraying the Heap (Use-After-Free) by FuzzySecurity
- DEPS – Precise Heap Spray on Firefox and IE10 by Corelan
- Heap Exploitation ~ Abusing Use-After-Free by _py
- Heap Overflows For Humans 101 by FuzzySecurity
- Heap Overflows For Humans 102 by FuzzySecurity
- Heap Overflows For Humans 102.5 by FuzzySecurity
- Heap Overflows For Humans 103 by FuzzySecurity
- Heap Overflows For Humans 103.5 by FuzzySecurity
- Kernel Objects by Microsoft
- Kernel Pool Exploitation on Windows 7 by Tarjei Mandt
- HackSys Extreme Vulnerable Windows Driver by Ashfaq Ansari
- Kernel Exploitation 1: Setting up the environment by Mohamed Shahat
- Windows Kernel Exploitation by Neelu Tripathy
- Kernel Hacking With HEVD Part 1 - The Setup by Brian Beaudry
- Kernel Exploitation -> Stack Overflow by FuzzySecurity
- Kernel Exploitation -> Write-What-Where by FuzzySecurity
- Kernel Exploitation -> Null Pointer Dereference by FuzzySecurity
- Kernel Exploitation -> Uninitialized Stack Variable by FuzzySecurity
- Kernel Exploitation -> Integer Overflow by FuzzySecurity
- Kernel Exploitation -> UAF by FuzzySecurity
- Kernel Exploitation -> Pool Overflow by FuzzySecurity
- Kernel Exploitation -> GDI Bitmap Abuse (Win7-10 32/64bit) by FuzzySecurity
- Kernel Exploitation -> RS2 Bitmap Necromancy by FuzzySecurity
- Kernel Exploitation -> Logic bugs in Razer rzpnk.sys by FuzzySecurity
- Intro to Windows kernel exploitation by Sam Brown
- Mixed Object Exploitation in the Windows Kernel Pool by Steven Seeley
- Windows Kernel Pool Spraying by Philippe
- The Path to Ring-0 (Windows Edition) by Debasis Mohanty
- Exploiting CVE-2015-2426, and How I Ported it to a Recent Windows 8.1 64-bit by Cedric Halbronn
- Taking Windows 10 Kernel-Exploitation To The Next Level Leveraging Write What Where Vulnerabilities In Creators Update by Morten Schenk
- x64 Kernel Privilege Escalation by mcdermott
- HackSys Extreme Vulnerable Driver - Windows 10 x64 StackOverflow Exploit with SMEP Bypass by Cn33liz
- CVE-2015-5736 - Fortinet FortiClient 5.2.3 by Alexandru Uifalvi
- Development of a new Windows 10 KASLR Bypass (in One WinDBG Command) by Morten Schenk
- Windows Kernel Shellcode on Windows 10 - Part 1 by Morten Schenk
- Windows Kernel Shellcode on Windows 10 - Part 2 by Morten Schenk
- Token Stealing Shellcode by Morten Schenk
- Common WinDbg Commands by Robert Kuster
- Debugging Tools for Windows by Microsoft
- Getting Started with Windows Debugging by Microsoft
- Debug Universal Drivers - Step by Step Lab by Microsoft
- WinDbg: Some debugging commands by Kamel Messaoudi
- WinDbg by Exploit Development Community
- PyKD Tutorial – part 1 by Sinaei
- Reverse Engineering for Beginners by Dennis Yurichev
- Advanced Windows Debugging by Mario Hewardt
- Windows Internals, Part 1 by Mark E. Russinovich
- Windows Internals, Part 2 by Mark E. Russinovich
- The IDA Pro Book: The Unofficial Guide to the World’s Most Popular Disassembler by Chris Eagle