A curated list of awesome Windows Exploitation resources, and shiny things. Inspired by awesom
Latest commit 7224734 Nov 28, 2016 @enddo committed on GitHub Update README.md
Permalink
Failed to load latest commit information.
Source Delete tut.txt Feb 26, 2016
CONTRIBUTING.md Create CONTRIBUTING.md Feb 16, 2016
LICENSE Create LICENSE Feb 16, 2016
README.md Update README.md Nov 28, 2016

README.md

Awesome Windows Exploitation Awesome

A curated list of awesome Windows Exploitation resources, and shiny things.

There is no pre-established order of items in each category, the order is for contribution. If you want to contribute, please read the guide.

Table of Contents

Windows stack overflows

Stack Base Overflow Articles.

Windows heap overflows

Heap Base Overflow Articles.

Kernel based Windows overflows

Kernel Base Exploit Development Articles.

Return Oriented Programming

Windows memory protections

Windows memory protections Introduction Articles.

Bypassing filter and protections

Windows memory protections Bypass Methods Articles.

Typical windows exploits

Exploit development tutorial series

Exploid Development Tutorial Series Base on Windows Operation System Articles.

Tools

Disassemblers, debuggers, and other static and dynamic analysis tools.

  • angr - Platform-agnostic binary analysis framework developed at UCSB's Seclab.
  • BARF - Multiplatform, open source Binary Analysis and Reverse engineering Framework.
  • binnavi - Binary analysis IDE for reverse engineering based on graph visualization.
  • Bokken - GUI for Pyew and Radare.
  • Capstone - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
  • codebro - Web based code browser using clang to provide basic code analysis.
  • dnSpy - .NET assembly editor, decompiler and debugger.
  • Evan's Debugger (EDB) - A modular debugger with a Qt GUI.
  • GDB - The GNU debugger.
  • GEF - GDB Enhanced Features, for exploiters and reverse engineers.
  • hackers-grep - A utility to search for strings in PE executables including imports, exports, and debug symbols.
  • IDA Pro - Windows disassembler and debugger, with a free evaluation version.
  • Immunity Debugger - Debugger for malware analysis and more, with a Python API.
  • ltrace - Dynamic analysis for Linux executables.
  • objdump - Part of GNU binutils, for static analysis of Linux binaries.
  • OllyDbg - An assembly-level debugger for Windows executables.
  • PANDA - Platform for Architecture-Neutral Dynamic Analysis
  • PEDA - Python Exploit Development Assistance for GDB, an enhanced display with added commands.
  • pestudio - Perform static analysis of Windows executables.
  • Process Monitor - Advanced monitoring tool for Windows programs.
  • Pyew - Python tool for malware analysis.
  • Radare2 - Reverse engineering framework, with debugger support.
  • SMRT - Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analyis.
  • strace - Dynamic analysis for Linux executables.
  • Udis86 - Disassembler library and tool for x86 and x86_64.
  • Vivisect - Python tool for malware analysis.
  • X64dbg - An open-source x64/x32 debugger for windows.