mirror of
https://github.com/nganhkhoa/CTF-All-In-One.git
synced 2025-01-28 06:17:31 +07:00
12 KiB
12 KiB
Summary
GitHub 地址:https://github.com/firmianay/CTF-All-In-One
- 简介
- 前言
- 一、基础知识篇
- 二、工具篇
- 三、分类专题篇
- 四、技巧篇
- 五、高级篇
- 六、题解篇
- pwn
- 6.1.1 pwn HCTF2016 brop
- 6.1.2 pwn NJCTF2017 pingme
- 6.1.3 pwn XDCTF2015 pwn200
- 6.1.4 pwn BackdoorCTF2017 Fun-Signals
- 6.1.5 pwn GreHackCTF2017 beerfighter
- 6.1.6 pwn DefconCTF2015 fuckup
- 6.1.7 pwn 0CTF2015 freenote
- 6.1.8 pwn DCTF2017 Flex
- 6.1.9 pwn RHme3 Exploitation
- 6.1.10 pwn 0CTF2017 BabyHeap2017
- 6.1.11 pwn 9447CTF2015 Search-Engine
- 6.1.12 pwn N1CTF2018 vote
- 6.1.13 pwn 34C3CTF2017 readme_revenge
- 6.1.14 pwn 32C3CTF2015 readme
- 6.1.15 pwn 34C3CTF2017 SimpleGC
- 6.1.16 pwn HITBCTF2017 1000levels
- 6.1.17 pwn SECCONCTF2016 jmper
- 6.1.18 pwn HITBCTF2017 Sentosa
- 6.1.19 pwn HITBCTF2018 gundam
- 6.1.20 pwn 33C3CTF2016 babyfengshui
- re
- web
- pwn
- 七、实战篇
- CVE
- 7.1.1 [CVE-2017-11543] tcpdump 4.9.0 Buffer Overflow
- 7.1.2 [CVE-2015-0235] glibc 2.17 Buffer Overflow
- 7.1.3 [CVE-2016-4971] wget 1.17.1 Arbitrary File Upload
- 7.1.4 [CVE-2017-13089] wget 1.19.1 Buffer Overflow
- 7.1.5 [CVE–2018-1000001] glibc Buffer Underflow
- 7.1.6 [CVE-2017-9430] DNSTracer 1.9 Buffer Overflow
- 7.1.7 [CVE-2018-6323] GNU binutils 2.26.1 Integer Overflow
- Malware
- 7.2.x
- CVE
- 八、学术篇
- 8.1 The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)
- 8.2 Return-Oriented Programming without Returns
- 8.3 Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms
- 8.4 ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks
- 8.5 Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks
- 8.6 Hacking Blind
- 8.7 What Cannot Be Read, Cannot Be Leveraged? Revisiting Assumptions of JIT-ROP Defenses
- 8.8 All You Ever Wanted to Know About Dynamic Taint Analysis and Forward Symbolic Execution (but might have been afraid to ask)
- 8.9 Symbolic Execution for Software Testing: Three Decades Later
- 8.10 AEG: Automatic Exploit Generation
- 8.11 Address Space Layout Permutation (ASLP): Towards Fine-Grained Randomization of Commodity Software
- 8.12 ASLR on the Line: Practical Cache Attacks on the MMU
- 8.13 New Frontiers of Reverse Engineering
- 8.14 Who Allocated My Memory? Detecting Custom Memory Allocators in C Binaries
- 8.15 EMULATOR vs REAL PHONE: Android Malware Detection Using Machine Learning
- 8.16 DynaLog: An automated dynamic analysis framework for characterizing Android applications
- 8.17 A Static Android Malware Detection Based on Actual Used Permissions Combination and API Calls
- 8.18 MaMaDroid: Detecting Android malware by building Markov chains of behavioral models
- 8.19 DroidNative: Semantic-Based Detection of Android Native Code Malware
- 8.20 DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware
- 8.21 Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks
- 8.22 Practical Memory Checking With Dr. Memory
- 8.23 Evaluating the Effectiveness of Current Anti-ROP Defenses
- 8.24 How to Make ASLR Win the Clone Wars: Runtime Re-Randomization
- 九、附录