CTF-All-In-One/doc/6.3_books&blogs.md

# 网站、文章和书籍

- [网站](#网站)
- [文章](#文章)
- [书籍](#书籍)


## 网站
- [OpenSecurityTraining](http://opensecuritytraining.info/Welcome.html)
- [sec-wiki](https://www.sec-wiki.com/)
- [Stanford Computer Security Laboratory](http://seclab.stanford.edu/)
- [Shellcodes database for study cases](http://shell-storm.org/shellcode/)
- [Corelan Team Articles](https://www.corelan.be/index.php/articles/)
- [Debugging Fundamentals for Exploit Development](http://resources.infosecinstitute.com/debugging-fundamentals-for-exploit-development/)
- [Tricks for Exploit Development](http://resources.infosecinstitute.com/in-depth-seh-exploit-writing-tutorial-using-ollydbg/)
- [Introduction to return oriented programming (ROP)](http://codearcana.com/posts/2013/05/28/introduction-to-return-oriented-programming-rop.html)
- [Smashing The Stack For Fun And Profit](http://insecure.org/stf/smashstack.html)
- [Understanding DEP as a mitigation technology part 1](https://blogs.technet.microsoft.com/srd/2009/06/12/understanding-dep-as-a-mitigation-technology-part-1/)
- [Preventing the Exploitation of Structured Exception Handler (SEH) Overwrites with SEHOP](https://blogs.technet.microsoft.com/srd/2009/02/02/preventing-the-exploitation-of-structured-exception-handler-seh-overwrites-with-sehop/)
- [CS642 Fall 2014: Computer Security](http://pages.cs.wisc.edu/~rist/642-fall-2014/)
- [Offensive Computer Security Spring 2014](http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/)
- [From 0x90 to 0x4c454554, a journey into exploitation.](http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html)
- [Software Modeling and Verification](http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html)
- [SATSMT Summer School 2011](https://wikis.mit.edu/confluence/display/satsmtschool11/SATSMT+Summer+School+2011;jsessionid=994854C69CABD6B1DC53F381A3CFF5E8)
- [LOW-LEVEL ATTACKS AND DEFENSES](http://www.cs.umd.edu/class/spring2014/cmsc838g/list.txt)
- [Checking the boundaries of static analysis](https://docs.google.com/presentation/d/1_Te02rSqn7wuhsmkkluqWhDBoXXFVUL5Mp0dUxH0cVE/edit#slide=id.gbd819d83_120)
- [Reference Library](https://moflow.org/#%5B%5BReference%20Library%5D%5D)
- [Deep Wizardry: Stack Unwinding](http://blog.reverberate.org/2013/05/deep-wizardry-stack-unwinding.html)

## 文章

## 书籍
- [Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson](https://leaksource.files.wordpress.com/2014/08/hacking-the-art-of-exploitation.pdf)
- [The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2nd Edition by Chris Anley et al](https://murdercube.com/files/Computers/Computer%20Security/Wiley.The.Shellcoders.Handbook.2nd.Edition.Aug.2007.pdf)
- [The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler 2nd Edition](http://staff.ustc.edu.cn/~sycheng/ssat/books/The.IDA.Pro.Book.2ed.pdf)
- [Practical Malware Analysis by Michael Sikorski and Andrew Honig](http://venom630.free.fr/pdf/Practical_Malware_Analysis.pdf)
- [Practical Reverse Engineering by Dang, Gazet, Bachaalany](https://repo.zenk-security.com/Reversing%20.%20cracking/Practical%20Reverse%20Engineering.pdf)
- [Fuzzing: Brute Force Vulnerability Discovery](http://bxi.es/Reversing-Exploiting/Fuzzing%20Brute%20Force%20Vulnerability%20Discovery.pdf)
update 2017-07-24 21:24:34 +07:00			`# 网站、文章和书籍`
update 2017-07-17 21:02:41 +07:00
update 2017-07-24 21:24:34 +07:00			`- [网站](#网站)`
			`- [文章](#文章)`
			`- [书籍](#书籍)`


			`## 网站`
			`- [OpenSecurityTraining](http://opensecuritytraining.info/Welcome.html)`
add PDF online read link 2017-08-07 17:45:23 +07:00			`- [sec-wiki](https://www.sec-wiki.com/)`
update 2017-07-24 21:24:34 +07:00			`- [Stanford Computer Security Laboratory](http://seclab.stanford.edu/)`
			`- [Shellcodes database for study cases](http://shell-storm.org/shellcode/)`
			`- [Corelan Team Articles](https://www.corelan.be/index.php/articles/)`
			`- [Debugging Fundamentals for Exploit Development](http://resources.infosecinstitute.com/debugging-fundamentals-for-exploit-development/)`
			`- [Tricks for Exploit Development](http://resources.infosecinstitute.com/in-depth-seh-exploit-writing-tutorial-using-ollydbg/)`
			`- [Introduction to return oriented programming (ROP)](http://codearcana.com/posts/2013/05/28/introduction-to-return-oriented-programming-rop.html)`
			`- [Smashing The Stack For Fun And Profit](http://insecure.org/stf/smashstack.html)`
			`- [Understanding DEP as a mitigation technology part 1](https://blogs.technet.microsoft.com/srd/2009/06/12/understanding-dep-as-a-mitigation-technology-part-1/)`
			`- [Preventing the Exploitation of Structured Exception Handler (SEH) Overwrites with SEHOP](https://blogs.technet.microsoft.com/srd/2009/02/02/preventing-the-exploitation-of-structured-exception-handler-seh-overwrites-with-sehop/)`
			`- [CS642 Fall 2014: Computer Security](http://pages.cs.wisc.edu/~rist/642-fall-2014/)`
			`- [Offensive Computer Security Spring 2014](http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/)`
			`- [From 0x90 to 0x4c454554, a journey into exploitation.](http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html)`
			`- [Software Modeling and Verification](http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html)`
			`- [SATSMT Summer School 2011](https://wikis.mit.edu/confluence/display/satsmtschool11/SATSMT+Summer+School+2011;jsessionid=994854C69CABD6B1DC53F381A3CFF5E8)`
			`- [LOW-LEVEL ATTACKS AND DEFENSES](http://www.cs.umd.edu/class/spring2014/cmsc838g/list.txt)`
			`- [Checking the boundaries of static analysis](https://docs.google.com/presentation/d/1_Te02rSqn7wuhsmkkluqWhDBoXXFVUL5Mp0dUxH0cVE/edit#slide=id.gbd819d83_120)`
			`- [Reference Library](https://moflow.org/#%5B%5BReference%20Library%5D%5D)`
			`- [Deep Wizardry: Stack Unwinding](http://blog.reverberate.org/2013/05/deep-wizardry-stack-unwinding.html)`
update 2017-07-17 21:02:41 +07:00
			`## 文章`

			`## 书籍`
add PDF online read link 2017-08-07 17:45:23 +07:00			`- [Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson](https://leaksource.files.wordpress.com/2014/08/hacking-the-art-of-exploitation.pdf)`
			`- [The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2nd Edition by Chris Anley et al](https://murdercube.com/files/Computers/Computer%20Security/Wiley.The.Shellcoders.Handbook.2nd.Edition.Aug.2007.pdf)`
			`- [The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler 2nd Edition](http://staff.ustc.edu.cn/~sycheng/ssat/books/The.IDA.Pro.Book.2ed.pdf)`
			`- [Practical Malware Analysis by Michael Sikorski and Andrew Honig](http://venom630.free.fr/pdf/Practical_Malware_Analysis.pdf)`
			`- [Practical Reverse Engineering by Dang, Gazet, Bachaalany](https://repo.zenk-security.com/Reversing%20.%20cracking/Practical%20Reverse%20Engineering.pdf)`
			`- [Fuzzing: Brute Force Vulnerability Discovery](http://bxi.es/Reversing-Exploiting/Fuzzing%20Brute%20Force%20Vulnerability%20Discovery.pdf)`