转:https://github.com/re-pronin/Awesome-Vulnerability-Research

Awesome Vulnerability Research Awesome

🦄 A curated list of the awesome resources about the Vulnerability Research

First things first: There are no exploits in this project. Vulnerabilities != Exploits A Vulnerability resides in the software itself, doing nothing on its own. If you are really curious about then you’ll find your own way to discover a flow, this list aimed to help you find it faster.

Maintained by Serhii Pronin with contributions from the community. Become the next 🌟 stargazer or ✍️ contributor.
In case of emergency gimme a shout 🔑 PGP key fingerprint: 2B56 34F1 51A3 84E0 A039 7815 793A 1A66 A341 8A12

Made With Passion License CC-BY-SA-4.0 GitHub Stars

Vulnerability Research is the process of analyzing a product, protocol, or algorithm - or set of related products - to find, understand or exploit one or more vulnerabilities. Vulnerability research can but does not always involve reverse engineering, code review, static and dynamic analysis, fuzzing and debugging.

Purpose

Currently, there is way more insecure code out there than researchers. Much more people looking at code that’s deployed in the real world are required by the market. This project exists to share a different awesome sources of information with you and encourage more people to get involved. Here you will find books and articles, online classes, recommended tools, write-ups, methodologies and tutorials, people to follow, and more cool stuff about Vulnerability Research and tinkering with application execution flow in general.

Contributing

This List is published according to the "Done is better than Perfect" approach, so your contributions and suggestions are very valuable and are always welcome! There are two options:

  1. Use the standard method of forking this repo, making your changes and doing a pull request to have your content added. Please check the Contributing Guideline for more details.
  2. Occasionally, if you just want to copy/paste your content, I'll take that too! Create an "Issue" with your suggestions and I will add it for you.

Legend:

  • 🌟: Most Awesome
  • 💰: Costs Money
  • 🔥: Hot Stuff
  • 🎁: For FREE

Contents

Advisories

Back to Contents

Articles

Back to Contents

Books

Back to Contents

Classes

Back to Contents

Conferences

Back to Contents

Conference talks

Back to Contents

Intentionally vulnerable packages

Back to Contents

Mailing lists and Newsletters

Back to Contents

Presentations

Back to Contents

Podcasts and Episodes

Podcasts

Back to Contents

Episodes

Back to Contents

Relevant Standards

Back to Contents

Miscellaneous Documents

Back to Contents

Research Papers

Whitepapers

Back to Contents

Individual researchers

Back to Contents

Tools and Projects

  • Windbg - The preferred debugger by exploit writers.
  • ltrace - Intercepts library calls
  • ansvif - An advanced cross platform fuzzing framework designed to find vulnerabilities in C/C++ code.
  • Metasploit Framework - A framework which contains some fuzzing capabilities via Auxiliary modules.
  • Spike - A fuzzer development framework like sulley, a predecessor of sulley.

Back to Contents

GitHub repos

  • Google Sanitizers - A repo with extended documentation, bugs and some helper code for the AddressSanitizer, MemorySanitizer, ThreadSanitizer, LeakSanitizer. The actual code resides in the LLVM repository.
  • hackers-grep - The hackers-grep is a tool that enables you to search for strings in PE files. The tool is capable of searching strings, imports, exports, and public symbols (like woah) using regular expressions.
  • Grinder - Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes.
  • Choronzon - An evolutionary knowledge-based fuzzer boofuzz - A fork and successor of Sulley framework.

Back to Contents

Tutorials

Back to Contents

Videos

Back to Contents

Vendor’s bug databases

Back to Contents

Vulnerability databases

Back to Contents

Wargames and CTFs

Back to Contents

Websites

Back to Contents

Blogs

Back to Contents

Who to Follow

GitHub

Back to Contents

Mastodon

Back to Contents

Medium

Back to Contents

Slack

Back to Contents

SlideShare

Back to Contents

Speaker Deck

Back to Contents

Telegram

Back to Contents

Twitter

Back to Contents

Miscellaneous Advisories

Back to Contents

Companies and Jobs

Back to Contents

Coordinated Disclosure

Back to Contents

Common Lists

Awesome Lists

  • Awesome AppSec - A curated list of resources for learning about application security. Contains books, websites, blog posts, and self-assessment quizzes.
  • Awesome Web Security - A curated list of Web Security materials and resources.

Back to Contents

Other Lists

Back to Contents

Thanks

Thanks a lot!

Back to Contents

posted on 2017-07-27 14:48  studyskill  阅读(418)  评论(0编辑  收藏  举报