• Stars
    star
    1,241
  • Rank 37,857 (Top 0.8 %)
  • Language
    C
  • Created over 7 years ago
  • Updated about 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.

Heap Exploitation

This short book is written for people who want to understand the internals of 'heap memory', particularly the implementation of glibc's 'malloc' and 'free' procedures, and also for security researchers who want to get started in the field of heap exploitation.

The first section of the book covers an in-depth, yet concise, description about heap internals. The second section covers some of the most famous attacks. It is assumed that the reader is unfamiliar with this topic. For experienced readers, this text might be good for a quick revision.

Read for free online (recommended) or download the PDF or ePUB or Mobi/Kindle editions.

Citing heap-exploitation

If you use this book in your research, please use the following BibTex entry:

@software{dhaval_kapil_2022_6450612,
  author       = {Dhaval Kapil},
  title        = {DhavalKapil/heap-exploitation},
  month        = apr,
  year         = 2022,
  publisher    = {Zenodo},
  version      = {v1.0.0},
  doi          = {10.5281/zenodo.6450612},
  url          = {https://doi.org/10.5281/zenodo.6450612}
}

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

More Repositories

1

icmptunnel

Transparently tunnel your IP traffic through ICMP echo and reply packets.
C
3,093
star
2

luaver

Lua Version Manager - Managing and switching between different versions of Lua, LuaJIT and Luarocks made easy
Shell
267
star
3

libdheap

A shared (dynamic) library that can be transparently injected into different processes to detect memory corruption in glibc heap
C
166
star
4

elasticsearch-lua

Lua client for Elasticsearch
Lua
150
star
5

image-uploader

A simple and elegant PHP library for securely uploading images
PHP
62
star
6

dns-validator

Security tool to detect dns poisoning attacks
JavaScript
48
star
7

network-monitor

Tool to analyze and monitor network traffic
JavaScript
44
star
8

stack-guard

A toy implementation of 'Stack Guard' on top of the LLVM compiler toolchain
C++
24
star
9

ctf-writeups

Python
21
star
10

MusicComposer

A music generator that makes pleasing music based on western music theory
Java
12
star
11

dhavalkapil.github.io

My Jekyll Blog website
CSS
9
star
12

viewer

A client/server java application to transmit changes on files on the client side to the server side immediately.
Java
9
star
13

exploits

Java
8
star
14

xss-auditor-analysis

Python
7
star
15

harley

Daily activity center for autistic children developed for Microsoft Code.Fun.Do
C#
5
star
16

FileTransferer

A socket based program to send a file over the network after dividing it into parts and sending each part separately
Java
4
star
17

pwnfox-gdb

Python
4
star
18

digit-recognition

MNIST handwritten digit recognition using Deep Learning
Python
2
star
19

pwnfox-js

JavaScript
2
star
20

Chat

A chatting software implemented in java
2
star
21

arp-analysis

Python
2
star
22

Captcha

An image based customizable CAPTCHA generator written in PHP.
PHP
1
star
23

arp-simulations

Java
1
star
24

IITRVirusRemover

A simple program to remove a particular type of virus found in computers of ICC in IIT Roorkee
Java
1
star
25

ForwardingServer

A server program that accepts input from one client and forwards it to all the clients connected to it
1
star