
Amin Bohio

https://aminbohio.com/study-guide-tips-offensive-security-certified-expert-osce-cracking-the-perimeter-ctp/

Tools:

* Olly Debugger
* WinDBG
* Immunity Debugger with Mona
* CFF Explorer
* LordPE
* DevCPP
* nasm
* VulnServer - https://github.com/stephenbradshaw/vulnserver

Trainings:

* Open Security Training - "Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration" by Xeno Kovah - http://opensecuritytraining.info/IntroX86.html
* Open Security Training - "Introduction To Software Exploits" by Corey Kallenberg - http://opensecuritytraining.info/Exploits1.html
* Open Security Training - "Exploits 2: Exploitation in the Windows Environment" by Corey Kallenberg - http://opensecuritytraining.info/Exploits2.html

Exploit development:

* Exploit Writing Tutorial Part 1 - Stack Based Overflows - https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
* Buffer Overflows in the Microsoft Windows® Environment - https://www.ma.rhul.ac.uk/static/techrep/2009/RHUL-MA-2009-06.pdf
* Basic Reverse Engineering with Immunity Debugger - https://www.sans.org/reading-room/whitepapers/malicious/paper/36982

Egg hunting:

* "Safely Searching Process Virtual Address Space" by Skape - http://www.hick.org/code/skape/papers/egghunt-shellcode.pdf
* Egg Hunters - Fuzzy Security - http://www.fuzzysecurity.com/tutorials/expDev/4.html
* Egg Hunters - A Twist In Buffer Overflows - https://aminbohio.com/offensive-security-certified-expert-osce-cracking-the-perimeter-ctp-review/

Fuzzing:

* 15 Minute Guide To Fuzzing - https://www.mwrinfosecurity.com/our-thinking/15-minute-guide-to-fuzzing/
* SkyDogCon 2015: Fuzzing Basics - Scott M - https://www.youtube.com/watch?v=j05KaAcjZec
* An Introduction to Fuzzing: Using fuzzers (SPIKE) to find vulnerabilities - https://resources.infosecinstitute.com/intro-to-fuzzing/
* Vulnserver - Fuzzing with Spike - http://sh3llc0d3r.com/vulnserver-fuzzing-with-spike/

Bypassing exploit mitigations:

* Bypassing ASLR/DEP - https://www.exploit-db.com/docs/english/17914-bypassing-aslrdep.pdf
* Exploit writing tutorial part 6: Bypassing Stack Cookies, SafeSEH, SEHOP, HW DEP and ASLR - https://www.corelan.be/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/
* Exploit Dev 101: Bypassing ASLR on Windows - https://www.abatchy.com/2017/06/exploit-dev-101-bypassing-aslr-on.html
* Bypassing ASLR and DEP on Windows 7: The Audio Converter Case - http://tekwizz123.blogspot.com/2014/02/bypassing-aslr-and-dep-on-windows-7.html

Shellcoding:

* Exploit Writing Tutorial Part 9 - Introduction To Win32 Shellcoding - https://www.corelan.be/index.php/2010/02/25/exploit-writing-tutorial-part-9-introduction-to-win32-shellcoding/
* ShellCode By Hand - https://www.exploit-db.com/docs/english/17065-manual-shellcode.pdf
* http://security.cs.rpi.edu/courses/binexp-spring2015/lectures/7/05_lecture.pdf
* http://sh3llc0d3r.com/windows-reverse-shell-shellcode-i/

VulnServer walk-throughs:

* TRUN - http://sh3llc0d3r.com/vulnserver-trun-command-buffer-overflow-exploit/
* GMON - http://sh3llc0d3r.com/vulnserver-gmon-command-seh-based-overflow-exploit/
* HTER - http://sh3llc0d3r.com/vulnserver-hter-command-buffer-overflow-exploit/
* KSTET - http://sh3llc0d3r.com/vulnserver-kstet-command-exploit-with-egghunter/

Web app security:

* Web Application Pentesting - Webpwnized - https://www.youtube.com/watch?v=Fj0n17Jtnzw&list=PLZOToVAK85MqYHbkAVK-ViD-Xb7pF6RKq
* File Inclusion Vulnerabilities - https://www.offensive-security.com/metasploit-unleashed/file-inclusion-vulnerabilities/
* Guide Book on Cross Site Scripting - https://www.exploit-db.com/papers/17052/
* Finding vulnerabilities in Web Applications - https://www.exploit-db.com/papers/12871/

AV evasion:

* https://resources.infosecinstitute.com/bypassing-antivirus/
* https://www.youtube.com/watch?v=tBY46vs0ptE
* https://dl.packetstormsecurity.net/papers/bypass/bypassing-av.pdf
* https://pentest.blog/art-of-anti-detection-1-introduction-to-av-detection-techniques/

CTP registration: http://fc4.me/