
[Recommended] Categorized index of selected posts from the "Binary Vulnerabilities" board

BDomne 6 days ago 426

The list is updated from time to time; if anything is missing, please reply and add it :P
last update: 2017.10.13

Basics:

Resolving API names by hash value
https://bbs.pediy.com/thread-55187.htm

Shellcode writing: hash-based function calls and related topics
https://bbs.pediy.com/thread-58393.htm

Shellcode in x64 - 1: Find Kernel32.dll
https://bbs.pediy.com/thread-155336.htm

A detailed analysis of a piece of shellcode
https://bbs.pediy.com/thread-46068.htm

Brief analysis of the CVE-2010-1297 shellcode
https://bbs.pediy.com/thread-121236.htm

An introductory look at buffer overflow attacks, written for beginners
https://bbs.pediy.com/thread-131340.htm

Notes taken while learning vulnerability analysis: DWORD SHOOT and heap corruption
https://bbs.pediy.com/thread-207448.htm

Research on ROP techniques in binary exploitation, with worked examples
https://bbs.pediy.com/thread-221041.htm

ExploitMe:

My solutions to problems A and B of the ExploitMe challenge
https://bbs.pediy.com/thread-57545.htm

exploitme overflow analysis
https://bbs.pediy.com/thread-57623.htm

exploit_me_A: building the ultimate command line!
https://bbs.pediy.com/thread-57620.htm

CTF Pwn:

HITB GSEC Win Pwn BABYSTACK analysis
https://bbs.pediy.com/thread-221016.htm

Using a heap overflow to bypass the unlink check and overwrite the GOT for command execution
https://bbs.pediy.com/thread-220672.htm

Mitigation Bypass:

Studying the stack-frame construction used by the generic DEP-bypassing MS08-067 buffer overflow
https://bbs.pediy.com/thread-81667.htm

SafeSEH and DEP are both enabled; is there a way to break them?
https://bbs.pediy.com/thread-137468.htm

The dead end that buffer overflow exploits face today
https://bbs.pediy.com/thread-179658.htm

Study notes on bypassing ASLR+DEP with stack pivoting and ROP
https://bbs.pediy.com/thread-146321.htm

Advanced Exploitation Technology - Analyze
https://bbs.pediy.com/thread-192049.htm

CVE-2015-2545 in the wild escapes EMET
https://bbs.pediy.com/thread-216046.htm

Study notes on EMET 5.1 bypass methods
https://bbs.pediy.com/thread-199061.htm

Bypassing the Memport protection of EMET 5.5 on Windows 10
https://bbs.pediy.com/thread-208774.htm

Image vulnerabilities:

EXPLOIT for ANI file
https://bbs.pediy.com/thread-42208.htm

Microsoft TIFF image file handling stack overflow vulnerability (MS07-055)
https://bbs.pediy.com/thread-57730.htm

A first look at the Adobe PDF LibTiff integer overflow, CVE-2010-0188
https://bbs.pediy.com/thread-109316.htm

Flash vulnerabilities:

Analysis of the shellcode used in Flash exploits
https://bbs.pediy.com/thread-65907.htm

A first look at Adobe Flash vulnerability CVE-2009-1862: basics
https://bbs.pediy.com/thread-101342.htm

CVE-2011-0611 analysis
https://bbs.pediy.com/thread-137922.htm

CVE-2012-1535 vulnerability debugging and analysis
https://bbs.pediy.com/thread-154860.htm

CVE-2013-0634 PoC analysis
https://bbs.pediy.com/thread-162493.htm

Complete and detailed analysis of CVE-2014-0322
https://bbs.pediy.com/thread-193313.htm

CVE-2015-3090 exploit analysis
https://bbs.pediy.com/thread-202461.htm

New Flash Exploitation Analysis
https://bbs.pediy.com/thread-199166.htm

The art of reverse engineering Flash exploit samples
https://bbs.pediy.com/thread-215882.htm

Browser vulnerabilities:

Analysis of CVE-2011-0065: Firefox 3.6.16 mChannel use-after-free vulnerability
https://bbs.pediy.com/thread-139044.htm

IE8 sc.txt exploit analysis and study
https://bbs.pediy.com/thread-142917.htm

CVE-2012-1876 MSHTML.DLL heap overflow vulnerability analysis
https://bbs.pediy.com/thread-153363.htm

CVE-2012-1876 exploit analysis
https://bbs.pediy.com/thread-202089.htm

UAF vulnerability analysis: CVE-2012-4969
https://bbs.pediy.com/thread-206412.htm

CVE-2012-1875: mshtml.dll use-after-free vulnerability analysis
https://bbs.pediy.com/thread-152240.htm

CVE-2012-4792 vulnerability analysis
https://bbs.pediy.com/thread-173147.htm

CVE-2013-1347 (IE8 UAF vulnerability) analysis
https://bbs.pediy.com/thread-174631.htm

Analysis of IE vulnerability CVE-2013-2551, with PoC
https://bbs.pediy.com/thread-173600.htm

CVE-2013-3893: SetMouseCapture UAF
https://bbs.pediy.com/thread-182083.htm

CVE-2013-3893 IE browser UAF vulnerability exploitation
https://bbs.pediy.com/thread-217373.htm

CVE-2013-1347: an IE CLayoutBlock update error leads to a UAF
https://bbs.pediy.com/thread-182085.htm

CVE-2014-0322 0day exploit analysis
https://bbs.pediy.com/thread-184608.htm

How to use VBScript to turn on the God Mode?
https://bbs.pediy.com/thread-189224.htm

About CVE-2014-6332
https://bbs.pediy.com/thread-194744.htm

CVE-2015-6086 brief analysis
https://bbs.pediy.com/thread-209825.htm

A simple analysis of CVE-2016-0199
https://bbs.pediy.com/thread-212058.htm

Document vulnerabilities:

Searching high and low: locating the shellcode in file-format exploits
https://bbs.pediy.com/thread-121045.htm

Preliminary analysis of Adobe Reader vulnerability CVE-2009-4324
https://bbs.pediy.com/thread-104890.htm

CVE-2009-3459 vulnerability PoC analysis
https://bbs.pediy.com/thread-102514.htm

Shellcode analysis of a Word overflow sample
https://bbs.pediy.com/thread-130249.htm

CVE-2011-0104 Excel buffer overflow vulnerability analysis
https://bbs.pediy.com/thread-144387.htm

Analysis CVE-2011-0978 Microsoft Office Excel Axis Properties Record Parsing Buff
https://bbs.pediy.com/thread-138428.htm

CVE-2012-0158 analysis notes
https://bbs.pediy.com/thread-160149.htm

Analysis of two PoCs for CVE-2012-0158
https://bbs.pediy.com/thread-217890.htm

Analysis of a reliable exploit for CVE-2011-0978
https://bbs.pediy.com/thread-145971.htm

CVE-2010-3333 vulnerability analysis (in depth)
https://bbs.pediy.com/thread-158078.htm

MS10-087: from patch to PoC
https://bbs.pediy.com/thread-195992.htm

CVE-2013-0640 exploit analysis, with PoC
https://bbs.pediy.com/thread-163035.htm

CVE-2013-3906 brief analysis
https://bbs.pediy.com/thread-181216.htm

CVE-2014-1761 analysis notes
https://bbs.pediy.com/thread-192351.htm

Decoding the arcane: an analysis of intermediate exploitation techniques
https://bbs.pediy.com/thread-184721.htm

CVE-2014-4114 SandWorm vulnerability analysis report
https://bbs.pediy.com/thread-193443.htm

Virtualization vulnerabilities:

VMware vulnerability case study 1: shared folder directory traversal
https://bbs.pediy.com/thread-74064.htm

360MarvelTeam virtualization vulnerabilities, part 1: CVE-2015-6815 analysis
https://bbs.pediy.com/thread-206983.htm

VM escape: the QEMU case study series
https://bbs.pediy.com/thread-218045.htm

Font vulnerabilities:

Once in a thousand years: analysis of the Adobe Reader CoolType TTF font parsing stack overflow
https://bbs.pediy.com/thread-121986.htm

CVE-2012-1535: constructing a sample for the Flash malformed-font parsing vulnerability
https://bbs.pediy.com/thread-157851.htm

Analysis of the exploit for CVE-2011-3402
https://bbs.pediy.com/thread-147274.htm

Windows XP SP3 AFD.sys local denial-of-service vulnerability: the discovery process
https://bbs.pediy.com/thread-165917.htm

CVE-2014-1767 Afd.sys double-free vulnerability analysis and exploitation
https://bbs.pediy.com/thread-194457.htm

Kernel vulnerabilities:

MS08-025 win32k.sys NtUserFnOUTSTRING Privilege Escalation Exploit
https://bbs.pediy.com/thread-63099.htm

MS08-066 Microsoft Ancillary Function Driver Elevation of Privilege exploit
https://bbs.pediy.com/thread-74811.htm

Micropoint Active Defense Mp110013.sys <= 1.3.10123.0 local kernel privilege escalation vulnerability
https://bbs.pediy.com/thread-110851.htm

Documents and source code for MS11-011 analysis, reversing, exploitation and bypass
https://bbs.pediy.com/thread-130487.htm

How to trigger MS11-080
https://bbs.pediy.com/thread-143695.htm

CVE-2013-3660 vulnerability analysis
https://bbs.pediy.com/thread-178154.htm

CVE-2014-4113 analysis and exploit reversing
https://bbs.pediy.com/thread-198194.htm

Fuzzing:

Learning software security testing (fuzzing) together, part 1: fuzz platform architecture
https://bbs.pediy.com/thread-75032.htm

Learning software security testing (fuzzing) together, part 2: understanding the PNG file format
https://bbs.pediy.com/thread-75181.htm

Software vulnerability discovery, part 1: SPIKE
https://bbs.pediy.com/thread-68516.htm

Software vulnerability discovery fuzz tools, part 3: getting started
https://bbs.pediy.com/thread-69910.htm

Finding vulnerabilities by fuzzing ActiveX controls
https://bbs.pediy.com/thread-156920.htm

Network protocol fuzzing based on SPIKE
https://bbs.pediy.com/thread-180619.htm

Index of the file fuzzing tutorial series
https://bbs.pediy.com/thread-176420.htm

Vulnerability discovery methods: static scanning plus a classic stack overflow example
https://bbs.pediy.com/thread-184409.htm

Other:

MS08-067 vulnerability analysis
https://bbs.pediy.com/thread-75361-2.htm

Analysis of how EMM's MS08-067 exploit works
https://bbs.pediy.com/thread-80416.htm

Brief analysis of the LNK shortcut file vulnerability
https://bbs.pediy.com/thread-117232.htm

CVE-2017-7269 IIS 6.0 remote code execution vulnerability analysis and exploit
https://bbs.pediy.com/thread-216809.htm

CVE-2017-7269: notes from reversing the IIS 6.0 remote code execution vulnerability
https://bbs.pediy.com/thread-216967.htm

CVE-2017-1000367 analysis and reproduction
https://bbs.pediy.com/thread-218260.htm

Companion materials for the book 《漏洞战争》 (Vulnerability Wars), download
https://bbs.pediy.com/thread-211573.htm

Technical topics:

Introduction to software vulnerability analysis
https://bbs.pediy.com/thread-56445.htm

Exploit writing tutorial series, parts 1-10 collected
https://bbs.pediy.com/thread-123602.htm

Introductory tutorial on binary vulnerabilities
https://bbs.pediy.com/thread-208596.htm

Experience and insights:

Things about vulnerability analysis
https://bbs.pediy.com/thread-142265.htm

Personal views on vulnerability discovery
https://bbs.pediy.com/thread-140597.htm

A brief talk about Java exploits
https://bbs.pediy.com/thread-143826.htm

Tips for debugging JITed code in the AVM
https://bbs.pediy.com/thread-194903.htm

Sharing software vulnerability analysis tips
https://bbs.pediy.com/thread-185817.htm

Latest replies (10)
MsScotch 6 days ago
2
A collection post like this is truly excellent; it lets us learn from those who came before and makes it easier for newcomers to study!
12
netwind 6 days ago
3
Thanks for putting this together!
1
fengyunabc 6 days ago
4
Thanks for putting this together, much appreciated!
8
kanxue 6 days ago
5
Thanks for the hard work; everyone is welcome to join in and grow together
cqzhou 6 days ago
6
Thanks for the hard work, marked
小菜鸟一 6 days ago
7
This is good, thumbs up
哆啦咪 5 days ago
8
Bump~
1
uestcdzy 5 days ago
9
666, thanks for the hard work.
ljcnaix 4 days ago
10
Under virtualization vulnerabilities there are three more posts in the QEMU series, "VM escape: QEMU case studies" (parts 1, 2 and 3):
https://bbs.pediy.com/thread-217997.htm
https://bbs.pediy.com/thread-217999.htm
https://bbs.pediy.com/thread-218045.htm
4
BDomne 4 days ago
11
ljcnaix: Under virtualization vulnerabilities there are three more posts in the QEMU series, "VM escape: QEMU case studies" (parts 1, 2 and 3): https://bbs.pediy.com/thread-217997.htm https://bbs.pedi ...
Thanks for the addition, updated