dhn / Osee

Licence: bsd-3-clause
Collection of resources for my preparation to take the OSEE certification.

Programming Languages

python

Projects that are alternatives of or similar to Osee

Hacksysextremevulnerabledriver
HackSys Extreme Vulnerable Windows Driver
Stars: ✭ 1,330 (+1257.14%)
Mutual labels:  kernel, exploitation
East
Exploits and Security Tools Framework 2.0.1
Stars: ✭ 283 (+188.78%)
Mutual labels:  exploits, offensive-security
InfosecHouse
Infosec resource center for offensive and defensive security operations.
Stars: ✭ 61 (-37.76%)
Mutual labels:  resources, offensive-security
Bash
Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.
Stars: ✭ 19 (-80.61%)
Mutual labels:  exploits, exploitation
Paper collection
Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read
Stars: ✭ 710 (+624.49%)
Mutual labels:  kernel, exploitation
CVE-2016-7255
An exploit for CVE-2016-7255 on Windows 7/8/8.1/10(pre-anniversary) 64 bit
Stars: ✭ 85 (-13.27%)
Mutual labels:  kernel, exploitation
CVE-Stockpile
Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
Stars: ✭ 41 (-58.16%)
Mutual labels:  kernel, exploits
NTU-Computer-Security
NTU Computer Security - Pwn slides, videos, homework problems and solutions - Computer Security Fall 2019 @ CSIE NTU Taiwan
Stars: ✭ 293 (+198.98%)
Mutual labels:  exploits, exploitation
Kernelpop
kernel privilege escalation enumeration and exploitation framework
Stars: ✭ 628 (+540.82%)
Mutual labels:  kernel, exploits
Herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Stars: ✭ 614 (+526.53%)
Mutual labels:  exploitation, exploits
exploiting
Exploiting challenges in Linux and Windows
Stars: ✭ 122 (+24.49%)
Mutual labels:  exploits, exploitation
Awesome Ethical Hacking Resources
🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.
Stars: ✭ 933 (+852.04%)
Mutual labels:  resources, exploitation
PXXTF
Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-76.53%)
Mutual labels:  exploits, exploitation
empirectf
EmpireCTF – write-ups, capture the flag, cybersecurity
Stars: ✭ 122 (+24.49%)
Mutual labels:  exploitation, offensive-security
exploits
Some of my public exploits
Stars: ✭ 50 (-48.98%)
Mutual labels:  exploits, exploitation
exploits challenges
Challenges and vulnerabilities exploitation.
Stars: ✭ 60 (-38.78%)
Mutual labels:  exploits, exploitation
reosploit
A Tool that Finds, Enumerates, and Exploits Reolink Cameras.
Stars: ✭ 89 (-9.18%)
Mutual labels:  exploits, exploitation
tryhackme-ctf
TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (+42.86%)
Mutual labels:  exploits, exploitation
Android Kernel Exploitation
Android Kernel Exploitation
Stars: ✭ 313 (+219.39%)
Mutual labels:  kernel, exploitation
Exploitpack
Exploit Pack -The next generation exploit framework
Stars: ✭ 728 (+642.86%)
Mutual labels:  exploitation, exploits

#+TITLE: Resources

Collection of resources for my preparation to take the OSEE certification. Based on the [[https://www.offensive-security.com/documentation/advanced-windows-exploitation.pdf][syllabus]] from Offensive Security. My review can be found [[https://zer0-day.pw/2020-01/offsec-says-try-harder-or-how-to-become-an-osee/][here]].

** Browser Exploitation
*** Safari/Chrome/Webkit
+ [[https://phoenhex.re/2018-09-26/safari-array-concat][Exploiting a Safari information leak]] by Bruno Keith
+ [[https://saelo.github.io/presentations/blackhat_us_18_attacking_client_side_jit_compilers.pdf][Attacking Client-Side JIT Compilers]] by Samuel Groß
+ [[http://phrack.org/papers/jit_exploitation.html][Exploiting Logic Bugs in JavaScript JIT Engines]] by Samuel Groß

** Bypass and Sandbox Escape
*** Data Execution Prevention (DEP)
**** Tutorials
+ [[https://www.corelan.be/index.php/2010/06/16/exploit-writing-tutorial-part-10-chaining-dep-with-rop-the-rubikstm-cube/][Exploit writing tutorial part 10 : Chaining DEP with ROP]] by Corelan
+ [[https://0x00sec.org/t/bypass-data-execution-protection-dep/6988][Bypass Data Execution Protection (DEP)]] by Sk0xic
+ [[https://0x00sec.org/t/exploit-mitigation-techniques-data-execution-prevention-dep/4634][Exploit Mitigation Techniques - Data Execution Prevention (DEP)]] by ricksanchez
*** Supervisor Mode Execution Prevention (SMEP)
+ [[https://www.coresecurity.com/system/files/publications/2019/03/Windows%20SMEP%20bypass%20U%3DS.pdf][Windows SMEP bypass: U=S]] by Nicolas Economou & Enrique Nissim
+ [[https://www.abatchy.com/2018/01/kernel-exploitation-4][Kernel Exploitation 4: Stack Buffer Overflow (SMEP Bypass)]] by Mohamed Shahat
+ [[https://salls.github.io/Linux-Kernel-CVE-2017-5123/][Exploiting CVE-2017-5123 with full protections. SMEP, SMAP, and the Chrome Sandbox!]] by Chris Salls
+ [[https://rce.wtf/2017/09/24/P4wning-the-windows-kernel-with-ROP.html][ROP: Pwn the Windows Kernel with return oriented programming]] by akayn
*** Enhanced Mitigation Experience Toolkit (EMET)
**** Papers/Slides/Blogs
+ [[https://www.offensive-security.com/vulndev/disarming-emet-v5-0/][Disarming EMET v5.0]] by Offensive Security
+ [[https://www.offensive-security.com/vulndev/disarming-and-bypassing-emet-5-1/][Disarming and Bypassing EMET 5.1]] by Offensive Security
+ [[https://www.offensive-security.com/vulndev/disarming-enhanced-mitigation-experience-toolkit-emet/][Disarming Enhanced Mitigation Experience Toolkit (EMET)]] by Offensive Security
+ [[https://www.xorlab.com/blog/2016/10/27/emet-memprot-bypass/][Bypassing EMET 5.5 MemProt using VirtualAlloc]] by Matthias Ganz
+ [[https://www.offensive-security.com/vulndev/fldbg-a-pykd-script-to-debug-flashplayer/][Fldbg, a Pykd script to debug FlashPlayer]] by Offensive Security

** Heap Exploitation
*** Tutorials
+ [[https://blog.rapid7.com/2019/06/12/heap-overflow-exploitation-on-windows-10-explained/][Heap Overflow Exploitation on Windows 10 Explained]] by Wei Chen
+ [[https://www.fuzzysecurity.com/tutorials/expDev/8.html][Part 8: Spraying the Heap (Vanilla EIP)]] by FuzzySecurity
+ [[https://www.fuzzysecurity.com/tutorials/expDev/11.html][Part 9: Spraying the Heap (Use-After-Free)]] by FuzzySecurity
+ [[https://www.corelan.be/index.php/2013/02/19/deps-precise-heap-spray-on-firefox-and-ie10/][DEPS – Precise Heap Spray on Firefox and IE10]] by Corelan
+ [[https://0x00sec.org/t/heap-exploitation-abusing-use-after-free/3580][Heap Exploitation ~ Abusing Use-After-Free]] by py
*** Heap Overflows
+ [[http://www.fuzzysecurity.com/tutorials/mr_me/2.html][Heap Overflows For Humans 101]] by FuzzySecurity
+ [[http://www.fuzzysecurity.com/tutorials/mr_me/3.html][Heap Overflows For Humans 102]] by FuzzySecurity
+ [[http://www.fuzzysecurity.com/tutorials/mr_me/4.html][Heap Overflows For Humans 102.5]] by FuzzySecurity
+ [[http://www.fuzzysecurity.com/tutorials/mr_me/5.html][Heap Overflows For Humans 103]] by FuzzySecurity
+ [[http://www.fuzzysecurity.com/tutorials/mr_me/6.html][Heap Overflows For Humans 103.5]] by FuzzySecurity

** Kernel Exploitation
*** Documentation/Papers/Slides
+ [[https://docs.microsoft.com/en-us/windows/desktop/SysInfo/kernel-objects][Kernel Objects]] by Microsoft
+ [[https://media.blackhat.com/bh-dc-11/Mandt/BlackHat_DC_2011_Mandt_kernelpool-wp.pdf][Kernel Pool Exploitation on Windows 7]] by Tarjei Mandt

** Kernel Drivers Exploitation (32-bit)
*** Tutorials
+ [[https://github.com/hacksysteam/HackSysExtremeVulnerableDriver][HackSys Extreme Vulnerable Windows Driver]] by Ashfaq Ansari
+ [[https://www.abatchy.com/2018/01/kernel-exploitation-1][Kernel Exploitation 1: Setting up the environment]] by Mohamed Shahat
+ [[http://niiconsulting.com/checkmate/2016/01/windows-kernel-exploitation/][Windows Kernel Exploitation]] by Neelu Tripathy
+ [[https://sizzop.github.io/2016/07/05/kernel-hacking-with-hevd-part-1.html][Kernel Hacking With HEVD Part 1 - The Setup]] by Brian Beaudry
+ [[https://www.fuzzysecurity.com/tutorials/expDev/14.html][Kernel Exploitation -> Stack Overflow]] by FuzzySecurity
+ [[https://www.fuzzysecurity.com/tutorials/expDev/15.html][Kernel Exploitation -> Write-What-Where]] by FuzzySecurity
+ [[https://www.fuzzysecurity.com/tutorials/expDev/16.html][Kernel Exploitation -> Null Pointer Dereference]] by FuzzySecurity
+ [[https://www.fuzzysecurity.com/tutorials/expDev/17.html][Kernel Exploitation -> Uninitialized Stack Variable]] by FuzzySecurity
+ [[https://www.fuzzysecurity.com/tutorials/expDev/18.html][Kernel Exploitation -> Integer Overflow]] by FuzzySecurity
+ [[https://www.fuzzysecurity.com/tutorials/expDev/19.html][Kernel Exploitation -> UAF]] by FuzzySecurity
+ [[https://www.fuzzysecurity.com/tutorials/expDev/20.html][Kernel Exploitation -> Pool Overflow]] by FuzzySecurity
+ [[https://www.fuzzysecurity.com/tutorials/expDev/21.html][Kernel Exploitation -> GDI Bitmap Abuse (Win7-10 32/64bit)]] by FuzzySecurity
+ [[https://www.fuzzysecurity.com/tutorials/expDev/22.html][Kernel Exploitation -> RS2 Bitmap Necromancy]] by FuzzySecurity
+ [[https://www.fuzzysecurity.com/tutorials/expDev/23.html][Kernel Exploitation -> Logic bugs in Razer rzpnk.sys]] by FuzzySecurity
+ [[https://www.whitehatters.academy/intro-to-windows-kernel-exploitation-2-windows-drivers/][Intro to Windows kernel exploitation]] by Sam Brown
+ [[https://srcincite.io/blog/2017/09/06/sharks-in-the-pool-mixed-object-exploitation-in-the-windows-kernel-pool.html][Mixed Object Exploitation in the Windows Kernel Pool]] by Steven Seeley
*** Papers/Slides
+ [[https://www.coresecurity.com/system/files/publications/2019/03/Windows%20SMEP%20bypass%20U%3DS.pdf][Windows SMEP bypass: U=S]] by Nicolas Economou & Enrique Nissim
+ [[http://web.archive.org/web/20170525074304/http://trackwatch.com/windows-kernel-pool-spraying/][Windows Kernel Pool Spraying]] by Philippe
+ [[https://insomniasec.com/downloads/publications/The%20Path%20To%20Ring-0.pdf][The Path to Ring-0 (Windows Edition)]] by Debasis Mohanty

** Kernel Drivers Exploitation (64-bit)
*** Articles
+ [[https://www.nccgroup.trust/globalassets/our-research/uk/whitepapers/2015/09/2015-08-28-ncc_group-exploiting_cve_2015_2426-_release.pdf][Exploiting CVE-2015-2426, and How I Ported it to a Recent Windows 8.1 64-bit]] by Cedric Halbronn
+ [[https://www.blackhat.com/docs/us-17/wednesday/us-17-Schenk-Taking-Windows-10-Kernel-Exploitation-To-The-Next-Level%E2%80%93Leveraging-Write-What-Where-Vulnerabilities-In-Creators-Update-wp.pdf][Taking Windows 10 Kernel-Exploitation To The Next Level Leveraging Write What Where Vulnerabilities In Creators Update]] by Morten Schenk
+ [[http://mcdermottcybersecurity.com/articles/x64-kernel-privilege-escalation][x64 Kernel Privilege Escalation]] by mcdermott
*** Tutorials
+ [[https://blahcat.github.io/2017/08/31/arbitrary-write-primitive-in-windows-kernel-hevd/][Arbitrary Write primitive in Windows kernel (HEVD)]] by blahcat
*** Exploits
+ [[https://github.com/Cn33liz/HSEVD-StackOverflowX64][HackSys Extreme Vulnerable Driver - Windows 10 x64 StackOverflow Exploit with SMEP Bypass]] by Cn33liz
+ [[https://www.exploit-db.com/exploits/41721/][CVE-2015-5736 - Fortinet FortiClient 5.2.3]] by Alexandru Uifalvi

** Kernel ASLR Bypass
*** Articles
+ [[https://www.offensive-security.com/vulndev/development-of-a-new-windows-10-kaslr-bypass-in-one-windbg-command/][Development of a new Windows 10 KASLR Bypass (in One WinDBG Command)]] by Morten Schenk

** Shellcoding
*** Windows 10
+ [[https://improsec.com/tech-blog/windows-kernel-shellcode-on-windows-10-part-1][Windows Kernel Shellcode on Windows 10 - Part 1]] by Morten Schenk
+ [[https://improsec.com/tech-blog/windows-kernel-shellcode-on-windows-10-part-2][Windows Kernel Shellcode on Windows 10 - Part 2]] by Morten Schenk
+ [[https://github.com/MortenSchenk/Token-Stealing-Shellcode][Token Stealing Shellcode]] by Morten Schenk

** Misc
*** WinDbg
+ [[http://windbg.info/doc/1-common-cmds.html][Common WinDbg Commands]] by Robert Kuster
+ [[https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/][Debugging Tools for Windows]] by Microsoft
+ [[https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/getting-started-with-windows-debugging][Getting Started with Windows Debugging]] by Microsoft
+ [[https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debug-universal-drivers---step-by-step-lab--echo-kernel-mode-][Debug Universal Drivers - Step by Step Lab]] by Microsoft
+ [[https://briolidz.wordpress.com/2013/11/17/windbg-some-debugging-commands/][WinDbg: Some debugging commands]] by Kamel Messaoudi
+ [[https://web.archive.org/web/20170803175807/http://expdev-kiuhnm.rhcloud.com:80/2015/05/17/windbg/][WinDbg]] by Exploit Development Community
*** Tutorials
+ [[https://rayanfam.com/topics/pykd-tutorial-part1/][PyKD Tutorial – part 1]] by Sinaei

** Books

+ [[https://beginners.re/][Reverse Engineering for Beginners]] by Dennis Yurichev
+ [[https://www.amazon.com/Advanced-Windows-Debugging-Mario-Hewardt/dp/0321374460/?_encoding=UTF8&camp=1789&creative=9325&linkCode=ur2&tag=theethhacne0c-20][Advanced Windows Debugging]] by Mario Hewardt
+ [[https://www.amazon.com/Windows-Internals-Part-Covering-Server%C2%AE/dp/0735648735/?_encoding=UTF8&camp=1789&creative=9325&linkCode=ur2&tag=theethhacne0c-20][Windows Internals, Part 1]] by Mark E. Russinovich
+ [[http://www.amazon.com/Windows-Internals-Part-Covering-Server%C2%AE/dp/0735665877/?_encoding=UTF8&camp=1789&creative=9325&linkCode=ur2&tag=theethhacne0c-20][Windows Internals, Part 2]] by Mark E. Russinovich
+ [[https://www.amazon.com/The-IDA-Pro-Book-Disassembler/dp/1593272898/?_encoding=UTF8&camp=1789&creative=9325&linkCode=ur2&tag=theethhacne0c-20][The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler]] by Chris Eagle