CTF-All-In-One/doc/8.3_books&blogs.md

# 8.3 更多资源

- [课程](#课程)
- [站点](#站点)
- [文章](#文章)
- [书籍](#书籍)


## 课程
- [Intro to Computer Systems, Summer 2017](https://www.cs.cmu.edu/~213/schedule.html)
- [Modern Binary Exploitation Spring 2015](http://security.cs.rpi.edu/courses/binexp-spring2015/)
- [OpenSecurityTraining](http://opensecuritytraining.info/Welcome.html)
- [Stanford Computer Security Laboratory](http://seclab.stanford.edu/)
- [CS642 Fall 2014: Computer Security](http://pages.cs.wisc.edu/~rist/642-fall-2014/)
- [Offensive Computer Security Spring 2014](http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/)
- [System Security and Binary Code Analysis](http://www.utdallas.edu/~zhiqiang.lin/spring2012.html)
- [SATSMT Summer School 2011](https://wikis.mit.edu/confluence/display/satsmtschool11/SATSMT+Summer+School+2011;jsessionid=994854C69CABD6B1DC53F381A3CFF5E8)
- [CS 161 : Computer Security Spring 2017](https://www.icir.org/vern/cs161-sp17/)
- [Introduction to Computer Security Fall 2015](https://users.ece.cmu.edu/~dbrumley/courses/18487-f15/#lectures)
- [格式化字符串blind pwn详细教程](http://bobao.360.cn/ctf/detail/189.html)
- [软件分析技术](http://sei.pku.edu.cn/~xiongyf04/SA/2016/main.htm)
- [Compiler Design](http://www.cs.cmu.edu/~fp/courses/15411-f14/index.html)
- [Optimizing Compilers](http://www.cs.cmu.edu/afs/cs.cmu.edu/academic/class/15745-s14/www/index.html)
- [Principles of Program Analysis](http://www.imm.dtu.dk/~hrni/PPA/ppasup2004.html)
- [Static Program Analysis](https://cs.au.dk/~amoeller/spa/)
- [CS 252r: Advanced Topics in Programming Languages](http://web-static-aws.seas.harvard.edu/courses/cs252/2011sp/)
- [Advanced Digital Forensics and Data Reverse Engineering](http://www.utdallas.edu/~zxl111930/fall2011.html)
- [CS261: Security in Computer Systems](http://inst.eecs.berkeley.edu/~cs261/fa17/)
- [CS 161 : Computer Security Spring 2015](http://inst.eecs.berkeley.edu/~cs161/sp15/)
- [Secure Software Systems Spring 2017](http://www.ece.cmu.edu/~ece732/gentable.php)
- [CS 576 Secure Systems Fall 2014](https://www.portokalidis.net/cs576_2014.html)
- [CS 577 Cybersecurity Lab Fall 2014](https://www.portokalidis.net/cs577_2014.html)


## 站点
- [sec-wiki](https://www.sec-wiki.com/)
- [Shellcodes database for study cases](http://shell-storm.org/shellcode/)
- [Corelan Team Articles](https://www.corelan.be/index.php/articles/)
- [LOW-LEVEL ATTACKS AND DEFENSES](http://www.cs.umd.edu/class/spring2014/cmsc838g/list.txt)
- [FuzzySecurity](https://www.fuzzysecurity.com/tutorials.html)
- [LiveOverflow](http://liveoverflow.com/index.html)


## 文章
- [Debugging Fundamentals for Exploit Development](http://resources.infosecinstitute.com/debugging-fundamentals-for-exploit-development/)
- [Introduction to return oriented programming (ROP)](http://codearcana.com/posts/2013/05/28/introduction-to-return-oriented-programming-rop.html)
- [Smashing The Stack For Fun And Profit](http://insecure.org/stf/smashstack.html)
- [Understanding DEP as a mitigation technology part 1](https://blogs.technet.microsoft.com/srd/2009/06/12/understanding-dep-as-a-mitigation-technology-part-1/)
- [Tricks for Exploit Development](http://resources.infosecinstitute.com/in-depth-seh-exploit-writing-tutorial-using-ollydbg/)
- [Preventing the Exploitation of Structured Exception Handler (SEH) Overwrites with SEHOP](https://blogs.technet.microsoft.com/srd/2009/02/02/preventing-the-exploitation-of-structured-exception-handler-seh-overwrites-with-sehop/)
- [From 0x90 to 0x4c454554, a journey into exploitation.](http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html)
- [Checking the boundaries of static analysis](https://docs.google.com/presentation/d/1_Te02rSqn7wuhsmkkluqWhDBoXXFVUL5Mp0dUxH0cVE/edit#slide=id.gbd819d83_120)
- [Deep Wizardry: Stack Unwinding](http://blog.reverberate.org/2013/05/deep-wizardry-stack-unwinding.html)
- [Linux (x86) Exploit Development Series](https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/)
- [Hack The Virtual Memory](https://blog.holbertonschool.com/hack-the-virtual-memory-c-strings-proc/#)


## 书籍
- [Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson](https://leaksource.files.wordpress.com/2014/08/hacking-the-art-of-exploitation.pdf)
- [The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2nd Edition by Chris Anley et al](https://murdercube.com/files/Computers/Computer%20Security/Wiley.The.Shellcoders.Handbook.2nd.Edition.Aug.2007.pdf)
- [The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler 2nd Edition](http://staff.ustc.edu.cn/~sycheng/ssat/books/The.IDA.Pro.Book.2ed.pdf)
- [Practical Malware Analysis by Michael Sikorski and Andrew Honig](http://venom630.free.fr/pdf/Practical_Malware_Analysis.pdf)
- [Practical Reverse Engineering by Dang, Gazet, Bachaalany](https://repo.zenk-security.com/Reversing%20.%20cracking/Practical%20Reverse%20Engineering.pdf)
- [Fuzzing: Brute Force Vulnerability Discovery](http://bxi.es/Reversing-Exploiting/Fuzzing%20Brute%20Force%20Vulnerability%20Discovery.pdf)
add new chapter 7 exploit 2017-12-07 08:30:58 +07:00			`# 8.3 更多资源`
update 2017-07-17 21:02:41 +07:00
update blogs 2017-08-20 16:23:48 +07:00			`- [课程](#课程)`
			`- [站点](#站点)`
update 2017-07-24 21:24:34 +07:00			`- [文章](#文章)`
			`- [书籍](#书籍)`


update blogs 2017-08-20 16:23:48 +07:00			`## 课程`
			`- [Intro to Computer Systems, Summer 2017](https://www.cs.cmu.edu/~213/schedule.html)`
			`- [Modern Binary Exploitation Spring 2015](http://security.cs.rpi.edu/courses/binexp-spring2015/)`
update 2017-07-24 21:24:34 +07:00			`- [OpenSecurityTraining](http://opensecuritytraining.info/Welcome.html)`
			`- [Stanford Computer Security Laboratory](http://seclab.stanford.edu/)`
update blogs 2017-08-20 16:23:48 +07:00			`- [CS642 Fall 2014: Computer Security](http://pages.cs.wisc.edu/~rist/642-fall-2014/)`
			`- [Offensive Computer Security Spring 2014](http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/)`
add llvm 2017-09-07 09:06:48 +07:00			`- [System Security and Binary Code Analysis](http://www.utdallas.edu/~zhiqiang.lin/spring2012.html)`
update blogs 2017-08-20 16:23:48 +07:00			`- [SATSMT Summer School 2011](https://wikis.mit.edu/confluence/display/satsmtschool11/SATSMT+Summer+School+2011;jsessionid=994854C69CABD6B1DC53F381A3CFF5E8)`
			`- [CS 161 : Computer Security Spring 2017](https://www.icir.org/vern/cs161-sp17/)`
			`- [Introduction to Computer Security Fall 2015](https://users.ece.cmu.edu/~dbrumley/courses/18487-f15/#lectures)`
add llvm 2017-09-07 09:06:48 +07:00			`- [格式化字符串blind pwn详细教程](http://bobao.360.cn/ctf/detail/189.html)`
			`- [软件分析技术](http://sei.pku.edu.cn/~xiongyf04/SA/2016/main.htm)`
			`- [Compiler Design](http://www.cs.cmu.edu/~fp/courses/15411-f14/index.html)`
			`- [Optimizing Compilers](http://www.cs.cmu.edu/afs/cs.cmu.edu/academic/class/15745-s14/www/index.html)`
update reverse 2017-09-27 21:27:04 +07:00			`- [Principles of Program Analysis](http://www.imm.dtu.dk/~hrni/PPA/ppasup2004.html)`
			`- [Static Program Analysis](https://cs.au.dk/~amoeller/spa/)`
change titile 2017-10-11 17:22:24 +07:00			`- [CS 252r: Advanced Topics in Programming Languages](http://web-static-aws.seas.harvard.edu/courses/cs252/2011sp/)`
some update 2017-11-06 16:44:15 +07:00			`- [Advanced Digital Forensics and Data Reverse Engineering](http://www.utdallas.edu/~zxl111930/fall2011.html)`
			`- [CS261: Security in Computer Systems](http://inst.eecs.berkeley.edu/~cs261/fa17/)`
			`- [CS 161 : Computer Security Spring 2015](http://inst.eecs.berkeley.edu/~cs161/sp15/)`
			`- [Secure Software Systems Spring 2017](http://www.ece.cmu.edu/~ece732/gentable.php)`
			`- [CS 576 Secure Systems Fall 2014](https://www.portokalidis.net/cs576_2014.html)`
			`- [CS 577 Cybersecurity Lab Fall 2014](https://www.portokalidis.net/cs577_2014.html)`
update blogs 2017-08-20 16:23:48 +07:00

			`## 站点`
			`- [sec-wiki](https://www.sec-wiki.com/)`
update 2017-07-24 21:24:34 +07:00			`- [Shellcodes database for study cases](http://shell-storm.org/shellcode/)`
			`- [Corelan Team Articles](https://www.corelan.be/index.php/articles/)`
update blogs 2017-08-20 16:23:48 +07:00			`- [LOW-LEVEL ATTACKS AND DEFENSES](http://www.cs.umd.edu/class/spring2014/cmsc838g/list.txt)`
			`- [FuzzySecurity](https://www.fuzzysecurity.com/tutorials.html)`
			`- [LiveOverflow](http://liveoverflow.com/index.html)`


			`## 文章`
update 2017-07-24 21:24:34 +07:00			`- [Debugging Fundamentals for Exploit Development](http://resources.infosecinstitute.com/debugging-fundamentals-for-exploit-development/)`
			`- [Introduction to return oriented programming (ROP)](http://codearcana.com/posts/2013/05/28/introduction-to-return-oriented-programming-rop.html)`
			`- [Smashing The Stack For Fun And Profit](http://insecure.org/stf/smashstack.html)`
			`- [Understanding DEP as a mitigation technology part 1](https://blogs.technet.microsoft.com/srd/2009/06/12/understanding-dep-as-a-mitigation-technology-part-1/)`
update blogs 2017-08-20 16:23:48 +07:00			`- [Tricks for Exploit Development](http://resources.infosecinstitute.com/in-depth-seh-exploit-writing-tutorial-using-ollydbg/)`
update 2017-07-24 21:24:34 +07:00			`- [Preventing the Exploitation of Structured Exception Handler (SEH) Overwrites with SEHOP](https://blogs.technet.microsoft.com/srd/2009/02/02/preventing-the-exploitation-of-structured-exception-handler-seh-overwrites-with-sehop/)`
			`- [From 0x90 to 0x4c454554, a journey into exploitation.](http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html)`
			`- [Checking the boundaries of static analysis](https://docs.google.com/presentation/d/1_Te02rSqn7wuhsmkkluqWhDBoXXFVUL5Mp0dUxH0cVE/edit#slide=id.gbd819d83_120)`
			`- [Deep Wizardry: Stack Unwinding](http://blog.reverberate.org/2013/05/deep-wizardry-stack-unwinding.html)`
update blogs 2017-08-20 16:23:48 +07:00			`- [Linux (x86) Exploit Development Series](https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/)`
			`- [Hack The Virtual Memory](https://blog.holbertonschool.com/hack-the-virtual-memory-c-strings-proc/#)`
update 2017-07-17 21:02:41 +07:00

			`## 书籍`
add PDF online read link 2017-08-07 17:45:23 +07:00			`- [Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson](https://leaksource.files.wordpress.com/2014/08/hacking-the-art-of-exploitation.pdf)`
			`- [The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2nd Edition by Chris Anley et al](https://murdercube.com/files/Computers/Computer%20Security/Wiley.The.Shellcoders.Handbook.2nd.Edition.Aug.2007.pdf)`
			`- [The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler 2nd Edition](http://staff.ustc.edu.cn/~sycheng/ssat/books/The.IDA.Pro.Book.2ed.pdf)`
			`- [Practical Malware Analysis by Michael Sikorski and Andrew Honig](http://venom630.free.fr/pdf/Practical_Malware_Analysis.pdf)`
			`- [Practical Reverse Engineering by Dang, Gazet, Bachaalany](https://repo.zenk-security.com/Reversing%20.%20cracking/Practical%20Reverse%20Engineering.pdf)`
			`- [Fuzzing: Brute Force Vulnerability Discovery](http://bxi.es/Reversing-Exploiting/Fuzzing%20Brute%20Force%20Vulnerability%20Discovery.pdf)`