CTF-All-In-One/doc/6.3_books&blogs.md

58 lines
4.4 KiB
Markdown
Raw Normal View History

2017-08-20 16:23:48 +07:00
# 更多资源
2017-07-17 21:02:41 +07:00
2017-08-20 16:23:48 +07:00
- [课程](#课程)
- [站点](#站点)
2017-07-24 21:24:34 +07:00
- [文章](#文章)
- [书籍](#书籍)
2017-08-20 16:23:48 +07:00
## 课程
- [Intro to Computer Systems, Summer 2017](https://www.cs.cmu.edu/~213/schedule.html)
- [Modern Binary Exploitation Spring 2015](http://security.cs.rpi.edu/courses/binexp-spring2015/)
2017-07-24 21:24:34 +07:00
- [OpenSecurityTraining](http://opensecuritytraining.info/Welcome.html)
- [Stanford Computer Security Laboratory](http://seclab.stanford.edu/)
2017-08-20 16:23:48 +07:00
- [CS642 Fall 2014: Computer Security](http://pages.cs.wisc.edu/~rist/642-fall-2014/)
- [Offensive Computer Security Spring 2014](http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/)
2017-09-07 09:06:48 +07:00
- [System Security and Binary Code Analysis](http://www.utdallas.edu/~zhiqiang.lin/spring2012.html)
2017-08-20 16:23:48 +07:00
- [SATSMT Summer School 2011](https://wikis.mit.edu/confluence/display/satsmtschool11/SATSMT+Summer+School+2011;jsessionid=994854C69CABD6B1DC53F381A3CFF5E8)
- [CS 161 : Computer Security Spring 2017](https://www.icir.org/vern/cs161-sp17/)
- [Introduction to Computer Security Fall 2015](https://users.ece.cmu.edu/~dbrumley/courses/18487-f15/#lectures)
2017-09-07 09:06:48 +07:00
- [格式化字符串blind pwn详细教程](http://bobao.360.cn/ctf/detail/189.html)
- [软件分析技术](http://sei.pku.edu.cn/~xiongyf04/SA/2016/main.htm)
- [Compiler Design](http://www.cs.cmu.edu/~fp/courses/15411-f14/index.html)
- [Optimizing Compilers](http://www.cs.cmu.edu/afs/cs.cmu.edu/academic/class/15745-s14/www/index.html)
2017-09-27 21:27:04 +07:00
- [Principles of Program Analysis](http://www.imm.dtu.dk/~hrni/PPA/ppasup2004.html)
- [Static Program Analysis](https://cs.au.dk/~amoeller/spa/)
2017-08-20 16:23:48 +07:00
## 站点
- [sec-wiki](https://www.sec-wiki.com/)
2017-07-24 21:24:34 +07:00
- [Shellcodes database for study cases](http://shell-storm.org/shellcode/)
- [Corelan Team Articles](https://www.corelan.be/index.php/articles/)
2017-08-20 16:23:48 +07:00
- [LOW-LEVEL ATTACKS AND DEFENSES](http://www.cs.umd.edu/class/spring2014/cmsc838g/list.txt)
- [FuzzySecurity](https://www.fuzzysecurity.com/tutorials.html)
- [LiveOverflow](http://liveoverflow.com/index.html)
## 文章
2017-07-24 21:24:34 +07:00
- [Debugging Fundamentals for Exploit Development](http://resources.infosecinstitute.com/debugging-fundamentals-for-exploit-development/)
- [Introduction to return oriented programming (ROP)](http://codearcana.com/posts/2013/05/28/introduction-to-return-oriented-programming-rop.html)
- [Smashing The Stack For Fun And Profit](http://insecure.org/stf/smashstack.html)
- [Understanding DEP as a mitigation technology part 1](https://blogs.technet.microsoft.com/srd/2009/06/12/understanding-dep-as-a-mitigation-technology-part-1/)
2017-08-20 16:23:48 +07:00
- [Tricks for Exploit Development](http://resources.infosecinstitute.com/in-depth-seh-exploit-writing-tutorial-using-ollydbg/)
2017-07-24 21:24:34 +07:00
- [Preventing the Exploitation of Structured Exception Handler (SEH) Overwrites with SEHOP](https://blogs.technet.microsoft.com/srd/2009/02/02/preventing-the-exploitation-of-structured-exception-handler-seh-overwrites-with-sehop/)
- [From 0x90 to 0x4c454554, a journey into exploitation.](http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html)
- [Checking the boundaries of static analysis](https://docs.google.com/presentation/d/1_Te02rSqn7wuhsmkkluqWhDBoXXFVUL5Mp0dUxH0cVE/edit#slide=id.gbd819d83_120)
- [Deep Wizardry: Stack Unwinding](http://blog.reverberate.org/2013/05/deep-wizardry-stack-unwinding.html)
2017-08-20 16:23:48 +07:00
- [Linux (x86) Exploit Development Series](https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/)
- [Hack The Virtual Memory](https://blog.holbertonschool.com/hack-the-virtual-memory-c-strings-proc/#)
2017-07-17 21:02:41 +07:00
## 书籍
2017-08-07 17:45:23 +07:00
- [Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson](https://leaksource.files.wordpress.com/2014/08/hacking-the-art-of-exploitation.pdf)
- [The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2nd Edition by Chris Anley et al](https://murdercube.com/files/Computers/Computer%20Security/Wiley.The.Shellcoders.Handbook.2nd.Edition.Aug.2007.pdf)
- [The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler 2nd Edition](http://staff.ustc.edu.cn/~sycheng/ssat/books/The.IDA.Pro.Book.2ed.pdf)
- [Practical Malware Analysis by Michael Sikorski and Andrew Honig](http://venom630.free.fr/pdf/Practical_Malware_Analysis.pdf)
- [Practical Reverse Engineering by Dang, Gazet, Bachaalany](https://repo.zenk-security.com/Reversing%20.%20cracking/Practical%20Reverse%20Engineering.pdf)
- [Fuzzing: Brute Force Vulnerability Discovery](http://bxi.es/Reversing-Exploiting/Fuzzing%20Brute%20Force%20Vulnerability%20Discovery.pdf)