This list is updated irregularly; if anything is missing, please reply to add it. Last update: 2020.01.01
A mind map summarizing four areas: vulnerabilities, exploitation, fuzzing, and exploit mitigation - https://bbs.pediy.com/thread-216256.htm
Curated learning resources for binary vulnerability analysis - https://bbs.pediy.com/thread-221851.htm
An introductory look at dissecting shellcode on Windows - https://bbs.pediy.com/thread-99007.htm
Resolving API names from hash values - https://bbs.pediy.com/thread-55187.htm
Shellcode writing: hash-based function calls and related topics - https://bbs.pediy.com/thread-58393.htm
Shellcode In x64 - https://bbs.pediy.com/thread-155336.htm
Analysis of the shellcode used in a Flash vulnerability - https://bbs.pediy.com/thread-65907.htm
Shellcode analysis of a Word overflow sample - https://bbs.pediy.com/thread-130249.htm
Egg Hunting - how staged shellcode execution works - https://bbs.pediy.com/thread-129086.htm
Exploiting format string vulnerabilities on Windows - https://bbs.pediy.com/thread-132554.htm
Format string vulnerabilities - https://bbs.pediy.com/thread-255483.htm
A brief analysis of buffer overflow attacks, written for beginners - https://bbs.pediy.com/thread-131340.htm
Heap overflow essentials: analysis and practice - https://bbs.pediy.com/thread-102527.htm
A hands-on summary of the principles behind various binary vulnerabilities - https://bbs.pediy.com/thread-252569.htm
Linux PWN from beginner to proficient - https://bbs.pediy.com/thread-248682.htm
Linux PWN from beginner to proficient (part 2) - https://bbs.pediy.com/thread-248681.htm
Linux pwn from beginner to proficient (part 3) - https://bbs.pediy.com/thread-255277.htm
Learning pwntools step by step - https://bbs.pediy.com/thread-247217.htm
printf leaks and canary bypass: principles and exploitation methods - https://bbs.pediy.com/thread-229447.htm
The principle of house_of_orange, seen through BookWriter - https://bbs.pediy.com/thread-223334.htm
CTF heap exploitation: House Of Force - https://bbs.pediy.com/thread-222924.htm
Heap overflow - House of Orange study notes - https://bbs.pediy.com/thread-222718.htm
The unlink series - https://bbs.pediy.com/thread-247007.htm
Six heap exploitation techniques - https://bbs.pediy.com/thread-246786.htm
Summary of Tcache exploitation - https://bbs.pediy.com/thread-249713.htm
Complete ROPEmporium walkthrough - https://bbs.pediy.com/thread-256914.htm
How to use GDB more effectively on pwn challenges - https://bbs.pediy.com/thread-223337.htm
A UAF caused by improper critical-section handling during coroutine switching - https://bbs.pediy.com/thread-224686.htm
dl_runtime_resolve: source-level analysis and several common attack techniques - https://bbs.pediy.com/thread-253833.htm
QWB CTF challenge design notes - solid_core - HijackPrctl - https://bbs.pediy.com/thread-225488.htm
QWB CTF finals: qemu virtual machine escape - https://bbs.pediy.com/thread-252385.htm
Linux Kernel vulnerabilities for beginners: Null Pointer Dereference - https://bbs.pediy.com/thread-227019.htm
linux kernel pwn analysis (part 1): QWB core + ciscn babydriver - https://bbs.pediy.com/thread-247054.htm
linux kernel pwn notes - https://bbs.pediy.com/thread-247949.htm
Overview of Windows overflow protections and bypass methods - https://bbs.pediy.com/thread-123572.htm
ROP techniques in binary exploitation: research and case analysis - https://bbs.pediy.com/thread-221041.htm
ROP [binary study] - https://bbs.pediy.com/thread-246484.htm
Using the SEH exception handling mechanism to bypass GS protection - https://bbs.pediy.com/thread-223443.htm
Study notes on bypassing ASLR+DEP with Stack Pivot and ROP - https://bbs.pediy.com/thread-146321.htm
Key points of the Heap Spray technique - https://bbs.pediy.com/thread-156991.htm
Heap feng shui in JavaScript - https://bbs.pediy.com/thread-55879.htm
JIT Spray: using the JIT to build controllable executable code in memory - https://bbs.pediy.com/thread-109060.htm
Studying the stack frame construction for a generic DEP bypass in the MS08-067 buffer overflow - https://bbs.pediy.com/thread-81667.htm
On SafeSEH and /GS - https://bbs.pediy.com/thread-134754.htm
SafeSEH and DEP are both enabled; is there a way to defeat them? - https://bbs.pediy.com/thread-137468.htm
The dead end that buffer overflow exploits face today - https://bbs.pediy.com/thread-179658.htm
Analysis of how two features of Microsoft's EMET tool are implemented - https://bbs.pediy.com/thread-125470.htm
Bypassing the Memport protection of EMET 5.5 on Win10 - https://bbs.pediy.com/thread-208774.htm
Introduction to Linux vulnerability mitigation mechanisms - https://bbs.pediy.com/thread-226696.htm
Windows 10 kernel exploit mitigations and their bypasses - https://bbs.pediy.com/thread-227102.htm
Exploit for ANI file - https://bbs.pediy.com/thread-42208.htm
Microsoft TIFF image file handling stack overflow vulnerability (MS07-055) - https://bbs.pediy.com/thread-57730.htm
Understanding the PNG file format - https://bbs.pediy.com/thread-75181.htm
A first look at the Adobe PDF LibTiff Integer Overflow, CVE-2010-0188 - https://bbs.pediy.com/thread-109316.htm
A step-by-step analysis of the latest Flash sample - https://bbs.pediy.com/thread-147686.htm
A first look at Adobe Flash vulnerability CVE-2009-1862 -- fundamentals - https://bbs.pediy.com/thread-101342.htm
CVE-2011-0611 analysis - https://bbs.pediy.com/thread-137922.htm
CVE-2012-0769, the case of the perfect info leak - https://bbs.pediy.com/thread-155034.htm
Analysing the PoC of CVE-2012-0769 - https://bbs.pediy.com/thread-149338.htm
CVE-2012-1535: building a sample for the Flash special-format font parsing vulnerability - https://bbs.pediy.com/thread-157851.htm
CVE-2012-1535 debugging and analysis - https://bbs.pediy.com/thread-154860.htm
CVE-2012-1535 Flash vulnerability debugging notes - https://bbs.pediy.com/thread-155101.htm
Adobe Flash Player remote code execution vulnerability analysis (CVE-2012-1535) - https://bbs.pediy.com/thread-156124.htm
CVE-2013-0634 PoC Analysis - https://bbs.pediy.com/thread-162493.htm
CVE-2014-0322 complete and detailed analysis - https://bbs.pediy.com/thread-193313.htm
CVE-2015-3090 exploit analysis - https://bbs.pediy.com/thread-202461.htm
New Flash Exploitation Analysis - https://bbs.pediy.com/thread-199166.htm
The art of reverse engineering Flash exploit samples - https://bbs.pediy.com/thread-215882.htm
Flash 0day (CVE-2018-4878) analysis notes - https://bbs.pediy.com/thread-224527.htm
CVE-2018-15982 vulnerability analysis report - https://bbs.pediy.com/thread-248272.htm
MS08-067 vulnerability analysis - https://bbs.pediy.com/thread-75361.htm
Analysis of how EMM's MS08-067 exploit works - https://bbs.pediy.com/thread-80416.htm
MS17-010 SMB remote command execution: exploitation analysis - https://bbs.pediy.com/thread-217745.htm
Payload optimization to make the EternalBlue exploit (MS17010) more stable - https://bbs.pediy.com/thread-254059.htm
Analysis of the "EternalBlue" exploit in the WannaCry ransomware - https://bbs.pediy.com/thread-217734.htm
CVE-2015-2370: a detailed analysis of the DCOM DCE/RPC protocol - https://bbs.pediy.com/thread-248128.htm
A brief analysis of the Metasploit BlueKeep exploit module - https://bbs.pediy.com/thread-254375.htm
CVE-2019-0708 BlueKeep: detailed and complete vulnerability research and analysis - https://bbs.pediy.com/thread-256734.htm
DejaBlue (CVE-2019-1181/1182) Windows RDP vulnerability analysis - https://bbs.pediy.com/thread-256766.htm
CVE-2010-0249 IE Aurora vulnerability in-depth analysis - https://bbs.pediy.com/thread-247763.htm
Analysis CVE-2011-0065 Firefox 3.6.16 mChannel use after free vulnerability - https://bbs.pediy.com/thread-139044.htm
Firefox UAF exploitation: based on shared array buffers - https://bbs.pediy.com/thread-220038.htm
IE8 sc.txt exploit analysis and study - https://bbs.pediy.com/thread-142917.htm
Analysing the PoC of CVE-2012-0003 - https://bbs.pediy.com/thread-146055.htm
CVE-2012-1875: mshtml.dll Use-After-Free vulnerability analysis - https://bbs.pediy.com/thread-152240.htm
CVE-2012-1876 MSHTML.DLL heap overflow vulnerability analysis - https://bbs.pediy.com/thread-153363.htm
CVE-2012-1876 exploit analysis - https://bbs.pediy.com/thread-202089.htm
CVE-2012-1889 on Win7: loading a DLL via GUID to bypass ASLR+DEP - https://bbs.pediy.com/thread-247975.htm
CVE-2012-4792 vulnerability analysis - https://bbs.pediy.com/thread-173147.htm
UAF vulnerability analysis: CVE-2012-4969 - https://bbs.pediy.com/thread-206412.htm
CVE-2013-1347 (IE8 UAF vulnerability) analysis - https://bbs.pediy.com/thread-174631.htm
CVE-2013-1347: UAF caused by an IE CLayoutBlock update error - https://bbs.pediy.com/thread-182085.htm
IE vulnerability CVE-2013-2551 analysis - with PoC - https://bbs.pediy.com/thread-173600.htm
CVE-2013-3893: SetMouseCapture UAF - https://bbs.pediy.com/thread-182083.htm
CVE-2013-3893 IE browser UAF exploitation - https://bbs.pediy.com/thread-217373.htm
CVE-2014-0322 0day exploit analysis - https://bbs.pediy.com/thread-184608.htm
CVE-2014-0322: combining IE and Flash to bypass ASLR+DEP - https://bbs.pediy.com/thread-248057.htm
How to use VBScript to turn on the God Mode? - https://bbs.pediy.com/thread-189224.htm
About CVE-2014-6332 - https://bbs.pediy.com/thread-194744.htm
CVE-2014-6332 study notes - https://bbs.pediy.com/thread-248310.htm
CVE-2014-6332: modifying browser security attributes to enable Godmode - https://bbs.pediy.com/thread-248273.htm
CVE-2015-6086 brief analysis - https://bbs.pediy.com/thread-209825.htm
CVE-2016-0189 VBScript engine memory corruption vulnerability analysis - https://bbs.pediy.com/thread-228371.htm
A simple analysis of CVE-2016-0199 - https://bbs.pediy.com/thread-212058.htm
CVE-2017-11802 analysis - https://bbs.pediy.com/thread-222519.htm
CVE-2017-11906 && CVE-2017-11907 chained vulnerability analysis notes - https://bbs.pediy.com/thread-256832.htm
CVE-2018-8174 reproduction and debugging notes - https://bbs.pediy.com/thread-246741.htm
CVE-2018-8174 "Double Kill" 0day: from UAF to exploit - https://bbs.pediy.com/thread-248477.htm
A "deep" exploration of CVE-2018-8174 - https://bbs.pediy.com/thread-249933.htm
Notes on building an exploit for CVE-2018-8373 - https://bbs.pediy.com/thread-246327.htm
A pieced-together EXP for CVE-2018-8373 - https://bbs.pediy.com/thread-246660.htm
CVE-2018-8373 analysis and reproduction - https://bbs.pediy.com/thread-246940.htm
CVE-2019-1208 vulnerability debugging notes - https://bbs.pediy.com/thread-255935.htm
IE browser exploitation techniques: heap spraying - https://bbs.pediy.com/thread-223106.htm
IE browser exploitation techniques: the evolution of UAF exploitation - https://bbs.pediy.com/thread-223107.htm
The art of browser vulnerability attack and defense - https://bbs.pediy.com/thread-211277.htm
A complete dissection of Acrobat Reader - the road to a Collab getIcon universal exploiter - https://bbs.pediy.com/thread-98571.htm
Preliminary analysis of Adobe Reader vulnerability CVE-2009-4324 - https://bbs.pediy.com/thread-104890.htm
CVE-2009-3459 vulnerability PoC analysis - https://bbs.pediy.com/thread-102514.htm
Adobe Reader stack overflow vulnerability analysis (CVE-2010-2883) - https://bbs.pediy.com/thread-251801.htm
A first look at CVE-2011-0611 - https://bbs.pediy.com/thread-136907.htm
CVE-2013-0640 exploitation analysis - with PoC - https://bbs.pediy.com/thread-163035.htm
MS10-087: from patch to PoC - https://bbs.pediy.com/thread-195992.htm
CVE-2011-0104 Excel buffer overflow vulnerability analysis - https://bbs.pediy.com/thread-144387.htm
Analysis of a reliable exploit for CVE-2011-0978 - https://bbs.pediy.com/thread-145971.htm
Analysis CVE-2011-0978 Microsoft Office Excel Axis Properties Record Parsing Buff - https://bbs.pediy.com/thread-138428.htm
CVE-2012-0158 analysis notes - https://bbs.pediy.com/thread-160149.htm
CVE-2012-0158: analysis of two PoCs - https://bbs.pediy.com/thread-217890.htm
Eye of the Phoenix: common exploitation patterns of CVE-2012-0158 - https://bbs.pediy.com/thread-230001.htm
Deciphering the arcane: an analysis of intermediate exploitation techniques - https://bbs.pediy.com/thread-184721.htm
CVE-2013-3906 brief analysis - https://bbs.pediy.com/thread-181216.htm
CVE-2014-1761 analysis notes - https://bbs.pediy.com/thread-192351.htm
CVE-2014-4114 SandWorm vulnerability analysis report - https://bbs.pediy.com/thread-193443.htm
CVE-2012-1856 Office ActiveX control MSCOMCTL.OCX UAF vulnerability analysis - https://bbs.pediy.com/thread-223844.htm
CVE-2013-3906 vulnerability analysis - https://bbs.pediy.com/thread-225993.htm
Notes from analyzing CVE-2015-1641 - https://bbs.pediy.com/thread-230289.htm
From CVE-2015-1642 to heap spraying with Office ActiveX controls - https://bbs.pediy.com/thread-250071.htm
Building a calculator-popping exploit for cve-2016-7193 from an in-the-wild sample - https://bbs.pediy.com/thread-221792.htm
CVE-2017-11826 sample analysis - https://bbs.pediy.com/thread-221995.htm
CVE-2018-0798: Microsoft Equation Editor vulnerability analysis - https://bbs.pediy.com/thread-253881.htm
A personal brief analysis of CVE-2018-0802 - https://bbs.pediy.com/thread-253457.htm
CVE-2018-4990 Acrobat Reader heap out-of-bounds access and free vulnerability analysis - https://bbs.pediy.com/thread-226971.htm
Supplementary analysis of CVE-2018-4990 - https://bbs.pediy.com/thread-250449.htm
VMware vulnerability case studies, part 1 - shared folder directory traversal vulnerability - https://bbs.pediy.com/thread-74064.htm
360MarvelTeam virtualization vulnerabilities, first installment - CVE-2015-6815 vulnerability analysis - https://bbs.pediy.com/thread-206983.htm
Virtual machine escape -- QEMU case study series - https://bbs.pediy.com/thread-218045.htm
Overview of hypervisor and virtual machine implementation on the x86 architecture - https://bbs.pediy.com/thread-225218.htm
Hyper-V security from 0 to 1 series - https://bbs.pediy.com/thread-222624.htm
Introduction to QEMU and KVM virtualization security research - https://bbs.pediy.com/thread-224371.htm
CVE-2017-4901 VMware virtual machine escape vulnerability analysis - https://bbs.pediy.com/thread-248384.htm
Once in a thousand years - Adobe Reader CoolType library TTF font parsing stack overflow vulnerability analysis - https://bbs.pediy.com/thread-121986.htm
Exploitation analysis of CVE-2011-3402 - https://bbs.pediy.com/thread-147274.htm
MS08-025 win32k.sys NtUserFnOUTSTRING Privilege Escalation Exploit - https://bbs.pediy.com/thread-63099.htm
MS08-066 Microsoft Ancillary Function Driver Elevation of Privilege exploit - https://bbs.pediy.com/thread-74811.htm
Windows Vista/7 kernel privilege escalation: NtGdiEnableEudc 0day vulnerability analysis - https://bbs.pediy.com/thread-125514.htm
MS11-011: documents and source code for analysis, reversing, exploitation and bypass - https://bbs.pediy.com/thread-130487.htm
CVE-2011-1984 WINS privilege escalation vulnerability analysis - https://bbs.pediy.com/thread-140612.htm
How to trigger MS11-080 - https://bbs.pediy.com/thread-143695.htm
CVE-2013-3660 vulnerability analysis - https://bbs.pediy.com/thread-178154.htm
CVE-2014-1767 Afd.sys double-free vulnerability analysis and exploitation - https://bbs.pediy.com/thread-194457.htm
CVE-2014-4113 analysis and exploit reversing - https://bbs.pediy.com/thread-198194.htm
Analysis of a kernel bug uncovered by a BSOD after installing VM Tools - https://bbs.pediy.com/thread-215684.htm
Collection of articles on kernel exploitation techniques - https://bbs.pediy.com/thread-129143.htm
Kernel attack journey -- HEVD -- stack overflow - https://bbs.pediy.com/thread-225513.htm
Windows kernel exploitation based on GDI objects - https://bbs.pediy.com/thread-226448.htm
Windows kernel series 1: UAF basics - https://bbs.pediy.com/thread-247019.htm
Windows kernel series 2: cve-2015-0057 - https://bbs.pediy.com/thread-247281.htm
CVE-2017-0101 Win32k privilege escalation analysis notes - https://bbs.pediy.com/thread-256949.htm
CVE-2018-8120: studying two exploitation approaches - https://bbs.pediy.com/thread-230051.htm
cve-2018-8453 analysis and writing an EXP - https://bbs.pediy.com/thread-249021.htm
CVE-2018-8639 EXP analysis - https://bbs.pediy.com/thread-251400.htm
CVE-2018-8639 analysis and reproduction - https://bbs.pediy.com/thread-254305.htm
CVE-2019-0803 reproduction and debugging notes - https://bbs.pediy.com/thread-252645.htm
Kingsoft Antivirus 2011 kernel overflow vulnerability - https://bbs.pediy.com/thread-120343.htm
Rising Internet Security 2011 kernel denial of service vulnerability - https://bbs.pediy.com/thread-151241.htm
Trend Micro tmactmon.sys DoS vulnerability analysis (0day) - https://bbs.pediy.com/thread-158396.htm
Micropoint Active Defense Mp110013.sys <= 1.3.10123.0 local kernel privilege escalation vulnerability - https://bbs.pediy.com/thread-110851.htm
Brief analysis of the LNK shortcut file vulnerability - https://bbs.pediy.com/thread-117232.htm
CVE-2014-9707: analysis of how the GoAhead heap overflow arises - https://bbs.pediy.com/thread-216966.htm
Learning cve-2016-5195 through practice - https://bbs.pediy.com/thread-251482.htm
Debugging and understanding the single-threaded Dirty COW (CVE-2016-5195) with VBoxDbg - https://bbs.pediy.com/thread-246024.htm
GoAhead CVE-2017-17562 in-depth analysis - https://bbs.pediy.com/thread-223793.htm
CVE-2017-7269 IIS 6.0 remote code execution vulnerability analysis and exploit - https://bbs.pediy.com/thread-216809.htm
CVE-2017-7269: reverse engineering notes on the IIS 6.0 remote code execution vulnerability - https://bbs.pediy.com/thread-216967.htm
cve-2017-8464 analysis - https://bbs.pediy.com/thread-248701.htm
A new way to exploit the BITS service COM component vulnerability, escalating to SYSTEM - https://bbs.pediy.com/thread-228829.htm
CVE-2017-5123 waitid local privilege escalation analysis - https://bbs.pediy.com/thread-247014.htm
CVE-2017-8890 vulnerability analysis - https://bbs.pediy.com/thread-246220.htm
Some details about CVE-2017-8890 - https://bbs.pediy.com/thread-248463.htm
CVE-2017-8890 vulnerability analysis: principles - https://bbs.pediy.com/thread-249193.htm
CVE-2017-8890 exploitation (root ubuntu@kernel-4.10.0-19) - https://bbs.pediy.com/thread-249194.htm
Linux CVE-2017-16995: privilege escalation vulnerability caused by an integer extension issue - https://bbs.pediy.com/thread-249033.htm
CVE-2017-1000367 analysis and reproduction - https://bbs.pediy.com/thread-218260.htm
CVE-2018-6789 Exim off-by-one vulnerability analysis - https://bbs.pediy.com/thread-225986.htm
CVE-2018-1000001 glibc realpath buffer overflow vulnerability analysis - https://bbs.pediy.com/thread-228678.htm
CVE-2018-3639: detailed analysis of the latest side-channel attack, down to the architecture and microcode - https://bbs.pediy.com/thread-245988.htm
Deep dive into Spectre V2: leaking sensitive information across processes - https://bbs.pediy.com/thread-254288.htm
CVE-2018-8550 analysis and reproduction - https://bbs.pediy.com/thread-251129.htm
CVE-2018-8897: in-depth tour of the principle, exploitation, and hands-on debugging - https://bbs.pediy.com/thread-251435.htm
An analysis of an arbitrary address write vulnerability - https://bbs.pediy.com/thread-252411.htm
Ubuntu kernel source debugging method (two-machine debugging) - https://bbs.pediy.com/thread-249192.htm
Experience setting up a Linux kernel vulnerability debugging environment - https://bbs.pediy.com/thread-252344.htm
Companion material download for the book 漏洞战争 (Vulnerability Wars) - https://bbs.pediy.com/thread-211573.htm
Learning software security testing (fuzzing) together, 1: fuzz platform architecture - https://bbs.pediy.com/thread-75032.htm
Software vulnerability discovery fuzz tools, part 3 - getting started - https://bbs.pediy.com/thread-69910.htm
Index of the file fuzzing tutorial series - https://bbs.pediy.com/thread-176420.htm
Software vulnerability discovery, part 1: SPIKE - https://bbs.pediy.com/thread-68516.htm
Network protocol fuzzing based on SPIKE - https://bbs.pediy.com/thread-180619.htm
Fuzzing ActiveX controls to discover vulnerabilities - https://bbs.pediy.com/thread-156920.htm
The discovery process of a Windows XP SP3 AFD.sys local denial of service vulnerability - https://bbs.pediy.com/thread-165917.htm
Vulnerability discovery methods: static scanning + a classic stack overflow example - https://bbs.pediy.com/thread-184409.htm
afl-fuzz source code scenario analysis: detailed code-reading notes - https://bbs.pediy.com/thread-218671.htm
honggfuzz vulnerability discovery techniques in depth series - https://bbs.pediy.com/thread-247954.htm
Vulnerability discovery techniques: analysis of the AFL project - https://bbs.pediy.com/thread-249912.htm
Kernel vulnerability discovery techniques series (1): trinity - https://bbs.pediy.com/thread-250302.htm
Kernel vulnerability discovery techniques series (2): bochspwn - https://bbs.pediy.com/thread-250878.htm
Summary of fuzzing techniques - https://bbs.pediy.com/thread-248997.htm
A short summary on fuzzing - https://bbs.pediy.com/thread-249986.htm
AFL afl_fuzz.c detailed analysis - https://bbs.pediy.com/thread-254705.htm
Introduction to software vulnerability analysis - https://bbs.pediy.com/thread-56445.htm
Beginner's tutorial on binary vulnerabilities - https://bbs.pediy.com/thread-208596.htm
Exploit writing tutorial series, parts 1-10 collected - https://bbs.pediy.com/thread-123602.htm
Linux (x86) exploit development series, parts 1-12 collected - https://bbs.pediy.com/thread-217390.htm
Windows exploit development tutorial series, parts 1-19 compiled - https://bbs.pediy.com/thread-225323.htm
Windows Kernel Exploit: kernel vulnerability study - https://bbs.pediy.com/thread-253384.htm
Things about vulnerability analysis - https://bbs.pediy.com/thread-142265.htm
Sharing software vulnerability analysis tips - https://bbs.pediy.com/thread-185817.htm
Searching high and low: locating the shellcode in file-format vulnerabilities - https://bbs.pediy.com/thread-121045.htm
A brief talk on Java exploits - https://bbs.pediy.com/thread-143826.htm
Tips for debugging JITed code in the AVM - https://bbs.pediy.com/thread-194903.htm
Personal views on vulnerability discovery - https://bbs.pediy.com/thread-140597.htm
ljcnaix: For virtualization vulnerabilities there are three more in the qemu series, Virtual machine escape: QEMU case study (parts 1, 2, 3): https://bbs.pediy.com/thread-217997.htm https://bbs.pedi ...