CTF-All-In-One/doc/6.3_books&blogs.md
2017-08-20 17:23:48 +08:00

52 lines
3.9 KiB
Markdown

# 更多资源
- [课程](#课程)
- [站点](#站点)
- [文章](#文章)
- [书籍](#书籍)
## 课程
- [Intro to Computer Systems, Summer 2017](https://www.cs.cmu.edu/~213/schedule.html)
- [Modern Binary Exploitation Spring 2015](http://security.cs.rpi.edu/courses/binexp-spring2015/)
- [OpenSecurityTraining](http://opensecuritytraining.info/Welcome.html)
- [Stanford Computer Security Laboratory](http://seclab.stanford.edu/)
- [CS642 Fall 2014: Computer Security](http://pages.cs.wisc.edu/~rist/642-fall-2014/)
- [Offensive Computer Security Spring 2014](http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/)
- [System Security and Binary Code Analysis](http://www.utdallas.edu/~zhiqiang.lin/spring2012.html#toc7)
- [SATSMT Summer School 2011](https://wikis.mit.edu/confluence/display/satsmtschool11/SATSMT+Summer+School+2011;jsessionid=994854C69CABD6B1DC53F381A3CFF5E8)
- [CS 161 : Computer Security Spring 2017](https://www.icir.org/vern/cs161-sp17/)
- [Introduction to Computer Security Fall 2015](https://users.ece.cmu.edu/~dbrumley/courses/18487-f15/#lectures)
## 站点
- [sec-wiki](https://www.sec-wiki.com/)
- [Shellcodes database for study cases](http://shell-storm.org/shellcode/)
- [Corelan Team Articles](https://www.corelan.be/index.php/articles/)
- [LOW-LEVEL ATTACKS AND DEFENSES](http://www.cs.umd.edu/class/spring2014/cmsc838g/list.txt)
- [FuzzySecurity](https://www.fuzzysecurity.com/tutorials.html)
- [LiveOverflow](http://liveoverflow.com/index.html)
## 文章
- [Debugging Fundamentals for Exploit Development](http://resources.infosecinstitute.com/debugging-fundamentals-for-exploit-development/)
- [Introduction to return oriented programming (ROP)](http://codearcana.com/posts/2013/05/28/introduction-to-return-oriented-programming-rop.html)
- [Smashing The Stack For Fun And Profit](http://insecure.org/stf/smashstack.html)
- [Understanding DEP as a mitigation technology part 1](https://blogs.technet.microsoft.com/srd/2009/06/12/understanding-dep-as-a-mitigation-technology-part-1/)
- [Tricks for Exploit Development](http://resources.infosecinstitute.com/in-depth-seh-exploit-writing-tutorial-using-ollydbg/)
- [Preventing the Exploitation of Structured Exception Handler (SEH) Overwrites with SEHOP](https://blogs.technet.microsoft.com/srd/2009/02/02/preventing-the-exploitation-of-structured-exception-handler-seh-overwrites-with-sehop/)
- [From 0x90 to 0x4c454554, a journey into exploitation.](http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html)
- [Checking the boundaries of static analysis](https://docs.google.com/presentation/d/1_Te02rSqn7wuhsmkkluqWhDBoXXFVUL5Mp0dUxH0cVE/edit#slide=id.gbd819d83_120)
- [Deep Wizardry: Stack Unwinding](http://blog.reverberate.org/2013/05/deep-wizardry-stack-unwinding.html)
- [Linux (x86) Exploit Development Series](https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/)
- [Hack The Virtual Memory](https://blog.holbertonschool.com/hack-the-virtual-memory-c-strings-proc/#)
## 书籍
- [Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson](https://leaksource.files.wordpress.com/2014/08/hacking-the-art-of-exploitation.pdf)
- [The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2nd Edition by Chris Anley et al](https://murdercube.com/files/Computers/Computer%20Security/Wiley.The.Shellcoders.Handbook.2nd.Edition.Aug.2007.pdf)
- [The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler 2nd Edition](http://staff.ustc.edu.cn/~sycheng/ssat/books/The.IDA.Pro.Book.2ed.pdf)
- [Practical Malware Analysis by Michael Sikorski and Andrew Honig](http://venom630.free.fr/pdf/Practical_Malware_Analysis.pdf)
- [Practical Reverse Engineering by Dang, Gazet, Bachaalany](https://repo.zenk-security.com/Reversing%20.%20cracking/Practical%20Reverse%20Engineering.pdf)
- [Fuzzing: Brute Force Vulnerability Discovery](http://bxi.es/Reversing-Exploiting/Fuzzing%20Brute%20Force%20Vulnerability%20Discovery.pdf)