资料收集

1. https://github.com/1u4nx/Exploit-Exercises-Nebula
2. c内存管理：http://www.inf.udec.cl/~leo/teoX.pdf
3. 用Windbg和Python进行堆跟踪:http://www.freebuf.com/articles/system/103816.html
4. Python和cdb结合案例(Python编写调试器)：http://www.freebuf.com/sectool/89001.html
5. 绕过security cookie的栈利用：https://www.zerodayinitiative.com/blog/2017/8/9/the-blue-frost-security-challenge-an-exploitation-journey-for-fun-and-free-drinks
6. https://www.zerodayinitiative.com/blog/2017/8/1/pythonizing-the-vmware-backdoor
7. Debugee in QEMU：http://bobao.360.cn/learning/detail/4265.html
8. Digtool: A Virtualization-Based Framework for Detecting Kernel Vulnerabilities：https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-pan.pdf:结合虚拟化技术实现客户机系统调用/线程调度/内存访问监控，可以发现Unprobe/OOB/UAF/TOCTTOU漏洞。
9. Qemu安全分析，360 in hitb:https://gsec.hitb.org/materials/sg2017/D1%20-%20Ashley%20Shen%20and%20Moonbeom%20Park%20-%20A%20Deep%20Dive%20into%20the%20Digital%20Weapons%20of%20the%20North%20Korean%20Cyber%20Army.pdf
10. https://comsecuris.com/blog/posts/vmware_vgpu_shader_vulnerabilities/

 

 

 

工具

https://www.ctftools.com/down/

Fuzzing Apache httpd server with American Fuzzy Lop + persistent mode

https://sensepost.com/blog/2017/fuzzing-apache-httpd-server-with-american-fuzzy-lop-+-persistent-mode/

vulscan - Vulnerability Scanning with Nmap：https://github.com/scipag/vulscan

Bytecode Viewer - A Java 8 Jar & Android Apk Reverse Engineering Suite (Decompiler, Editor, Debugger & More)：http://www.kitploit.com/2017/08/bytecode-viewer-java-8-jar-android-apk.html?m=1

MTuner is a C/C++ memory profiler and memory leak finder for Windows:https://github.com/milostosic/MTuner