DhavalKapil/heap-exploitation

Stars
1,242
Rank 37,588 (Top 0.8 %)
Language
C
Created over 7 years ago
Updated almost 2 years ago

DhavalKapil/heap-exploitation

DhavalKapil

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.

Heap Exploitation

This short book is written for people who want to understand the internals of 'heap memory', particularly the implementation of glibc's 'malloc' and 'free' procedures, and also for security researchers who want to get started in the field of heap exploitation.

The first section of the book covers an in-depth, yet concise, description about heap internals. The second section covers some of the most famous attacks. It is assumed that the reader is unfamiliar with this topic. For experienced readers, this text might be good for a quick revision.

This is not the final version and will keep on updating. For contributing see this.
The source code for the book can be found on GitHub.
The canonical URL for the book is https://heap-exploitation.dhavalkapil.com.
You can subscribe for updates on the book website.

Read for free online (recommended) or download the PDF or ePUB or Mobi/Kindle editions.

Citing heap-exploitation

If you use this book in your research, please use the following BibTex entry:

@software{dhaval_kapil_2022_6450612,
  author       = {Dhaval Kapil},
  title        = {DhavalKapil/heap-exploitation},
  month        = apr,
  year         = 2022,
  publisher    = {Zenodo},
  version      = {v1.0.0},
  doi          = {10.5281/zenodo.6450612},
  url          = {https://doi.org/10.5281/zenodo.6450612}
}

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

icmptunnel

Transparently tunnel your IP traffic through ICMP echo and reply packets.

luaver

Lua Version Manager - Managing and switching between different versions of Lua, LuaJIT and Luarocks made easy

libdheap

A shared (dynamic) library that can be transparently injected into different processes to detect memory corruption in glibc heap

elasticsearch-lua

Lua client for Elasticsearch

image-uploader

A simple and elegant PHP library for securely uploading images

dns-validator

Security tool to detect dns poisoning attacks

network-monitor

Tool to analyze and monitor network traffic

stack-guard

A toy implementation of 'Stack Guard' on top of the LLVM compiler toolchain

ctf-writeups

MusicComposer

A music generator that makes pleasing music based on western music theory

dhavalkapil.github.io

My Jekyll Blog website

viewer

A client/server java application to transmit changes on files on the client side to the server side immediately.

exploits

xss-auditor-analysis

harley

Daily activity center for autistic children developed for Microsoft Code.Fun.Do

FileTransferer

A socket based program to send a file over the network after dividing it into parts and sending each part separately

pwnfox-gdb

digit-recognition

MNIST handwritten digit recognition using Deep Learning

pwnfox-js

Chat

A chatting software implemented in java

arp-analysis

Captcha

An image based customizable CAPTCHA generator written in PHP.

arp-simulations

IITRVirusRemover

A simple program to remove a particular type of virus found in computers of ICC in IIT Roorkee

ForwardingServer

A server program that accepts input from one client and forwards it to all the clients connected to it