Reverse Engineering, Exploitation & Crypto.
Check out my blog, follow me on Twitter and Youtube!
-
Reverse engineering a simple crackme called “Just see”: writeup
-
Reverse engineering a level 1 crackme "Easy_firstCrackme-by-D4RK_FL0W": writeup
-
Utility - Object/Executable file to shellcode converter script: code
-
Utility - Assembly and link script : code
-
Utility - Shellcode testing skeleton generator : code
-
Utility - GDB python script template : code
-
Exit syscall asm: code
-
Write syscall "Hello world!": code
-
Execve shellcode (dynamic addressing) code
-
Ret2libc exploit for protostar stack6 challenge : code
-
Exploit for protostar stack7 challenge (Smallest ROP chain): code
-
Exploit for VUPlayer 2.49 (no DEP) local buffer overflow: code, writeup
-
Execve shellcode (stack method) : code
-
Execve shellcode using RIP relative addressing code
-
Password Protected Reverse Shell (Linux/x64) code, writeup, Featured in the 1st number of Paged-Out
-
XANAX - A custom shellcode encoder written in assembly :
-
A more generic (and somewhat extensible) encoder skeleton written in Go code
-
Gocryper : A custom AES shellcode crypter written in Go code, writeup
-
Password Protected Reverse Shell (Linux/ARMv6)
-
MalwareTech's String Challenges crackmes: writeup
-
MalwareTech's Shellcode Challenges crackmes: writeup
-
DEFCON Qualys 2019 : Speedrun-001 exploit (Stack-based bof + ROP): code
-
Solution for the crackme "Crackme2-be-D4RK_FL0W" writeup
-
Solution for the crackme "Crack3-by-D4RK_FL0W" :
-
Utility - r2frida Cheatsheet: writeup
-
Solution for the crackme "alien_bin" writeup
-
Automated solutions for the crackme "mexican": writeup, script solution 1: carving, script solution 2: patching
-
Writeup for the crackme "crackme_by_coulomb" (.net): writeup
-
Writeup for the crackme "shadows_registerme" (.net): writeup
-
Writeup for the crackme "removemytrial_by_coulomb" (.net): writeup
-
Writeup for the crackme "Get The Password": writeup, code (keygen)
-
Cyptopals Solutions: Set 1, Challenge 1. "Convert hex to base64": code
-
Cyptopals Solutions: Set 1, Challenge 2. "Fixed XOR": code
-
Cyptopals Solutions: Set 1, Challenge 3. "Single-byte XOR cipher": code
-
Cyptopals Solutions: Set 1, Challenge 4. "Detect single-character XOR": code
-
Cyptopals Solutions: Set 1, Challenge 5. "Implement repeating-key XOR": code
-
Cyptopals Solutions: Set 1, Challenge 6. "Break repeating-key XOR": code
-
Cyptopals Solutions: Set 1, Challenge 7. "AES in ECB mode": code
-
Cyptopals Solutions: Set 1, Challenge 8. "Detect AES in ECB mode": code
-
Cyptopals Solutions: Set 2, Challenge 9. "Implement PKCS#7 padding": code
-
Cyptopals Solutions: Set 2, Challenge 15. "PKCS#7 padding validation": code
A non-exhaustive list of tools
- radare2 (+Cutter +r2frida +r2pipe +r2ghidra-dec)
- Ghidra
- x64dbg
- Frida
- gdb (+gdb-dashboard +GEF)
- Valgrind
- Pwntools
- Wireshark
- Binwalk
- strace
- ltrace
- hexdump
- xxd
- rappel
- nasm
- gas
- Unicorn Engine
- IDA
- hexedit
- bless
- Metasploit (https://www.metasploit.com/)
There's a LOT of stuff out there. These are just the most useful things I've found so far.
- 💻 Live overflow
- 📖 The shellcoder's handbook
- 💻 Exploit education
- 💻 Gynvael coldwind
- 💻 Azeria labs
- 💻 Phrack
- 💻 Corelan
- 💻 Fuzzysecurity
- 💻 Packetstormsecurity
- 💻 Exploitdb
- 📖 Beginners RE
- 📖 Practical reverse engineering
- 📖 Programming linux anti-reversing techniques
- 📖 Attacking network protocols
- 📖 Penetration testing: A Hands-On introduction to hacking
- 💻 Malware Unicorn
- 📖 Radare2 Book
- 💻 Paged-Out!
- 📖 PoC||GTFO I
- 📖 PoC||GTFO II
- 📖 The IDA Pro Book
- 📖 Hacker Disassembling Uncovered
- 💻 Reverse Engineering Stackexchange
- 💻 Cryptopals Challenges
- 📖 Cryptool Book
- 📖 Crypto 101
- 📖 Cracking Codes With Python