Lista de recursos para explotación en Windows

Pululando por la red encontré un proyecto en Github con una impresionante lista de recursos para explotar Windows, y otras cosas brillantes:

https://github.com/enddo/awesome-windows-exploitation

Si quieres aportar tu granito de arena no lo dudes y echa un vistazo su guía para contribuir. A mi de momento me tendrá horas días entretenido ;)

bon appétit!

Windows stack overflows

Stack Base Overflow Articles.

Windows heap overflows

Heap Base Overflow Articles.

Kernel based Windows overflows

Kernel Base Exploit Development Articles.

Return Oriented Programming


Windows memory protections

Windows memory protections Introduction Articles.

Bypassing filter and protections

Windows memory protections Bypass Methods Articles.

Typical windows exploits


Exploit development tutorial series

Exploid Development Tutorial Series Base on Windows Operation System Articles.


Tools

Disassemblers, debuggers, and other static and dynamic analysis tools.
  • angr - Platform-agnostic binary analysis framework developed at UCSB's Seclab.
  • BARF - Multiplatform, open source Binary Analysis and Reverse engineering Framework.
  • binnavi - Binary analysis IDE for reverse engineering based on graph visualization.
  • Bokken - GUI for Pyew and Radare.
  • Capstone - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
  • codebro - Web based code browser using clang to provide basic code analysis.
  • dnSpy - .NET assembly editor, decompiler and debugger.
  • Evan's Debugger (EDB) - A modular debugger with a Qt GUI.
  • GDB - The GNU debugger.
  • GEF - GDB Enhanced Features, for exploiters and reverse engineers.
  • hackers-grep - A utility to search for strings in PE executables including imports, exports, and debug symbols.
  • IDA Pro - Windows disassembler and debugger, with a free evaluation version.
  • Immunity Debugger - Debugger for malware analysis and more, with a Python API.
  • ltrace - Dynamic analysis for Linux executables.
  • objdump - Part of GNU binutils, for static analysis of Linux binaries.
  • OllyDbg - An assembly-level debugger for Windows executables.
  • PANDA - Platform for Architecture-Neutral Dynamic Analysis
  • PEDA - Python Exploit Development Assistance for GDB, an enhanced display with added commands.
  • pestudio - Perform static analysis of Windows executables.
  • Process Monitor - Advanced monitoring tool for Windows programs.
  • Pyew - Python tool for malware analysis.
  • Radare2 - Reverse engineering framework, with debugger support.
  • SMRT - Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analyis.
  • strace - Dynamic analysis for Linux executables.
  • Udis86 - Disassembler library and tool for x86 and x86_64.
  • Vivisect - Python tool for malware analysis.
  • X64dbg - An open-source x64/x32 debugger for windows.

Via: www.hackplayers.com
Lista de recursos para explotación en Windows Lista de recursos para explotación en Windows Reviewed by Zion3R on 18:46 Rating: 5