mdisec/osce-preparation mdisec/osce-preparation

  • Stars
    star
    157
  • Rank 237,008 (Top 5 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created about 4 years ago
  • Updated about 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
mdisec/osce-preparation
github

mdisec

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

MDISEC Twitch topluluğu olarak OSCE hazırlık materyallerinin listelendiği repo.

OSCE Preparation

This repo contains a resources that should be followed step by step during the OSCE preperation.

Please do NOT hesitate to create an issue in order to add resource to the list.

Getting Familiar with Assembly Language

BOOK : Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315

Videos : x86 Assembly Language and Shellcoding on Linux https://www.pentesteracademy.com/course?id=3

Another Video : Reverse Engineering Win32 Applications Course Videos https://www.pentesteracademy.com/course?id=41

Corelan.be Exploit Development Articles

One of the greatest resource about getting started with buffer overflows.

  1. Corelan.be BOF - 0x01 |  Exploit writing tutorial part 1 : Stack Based Overflows

  2. Corelan.be BOF - 0x02 |  Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode

  3. Corelan.be BOF - 0x03 | Exploit writing tutorial part 3 : SEH Based Exploits

  4. Corelan.be BOF - 0x04 | Exploit writing tutorial part 3b : SEH Based Exploits – just another example

  5. Corelan.be BOF - 0x05 | Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics

  6. Corelan.be BOF - 0x06 | Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development

  7. Corelan.be BOF - 0x07 | Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR

  8. Corelan.be BOF - 0x08 | Exploit writing tutorial part 7 : Unicode – from 0x00410041 to calc

FuzzySecurity Windows Exploit Development Tutorial Series

Another awesome resource about exploit development.

  1. Part 1: Introduction to Exploit Development
  2. Part 2: Saved Return Pointer Overflows
  3. Part 3: Structured Exception Handler (SEH)
  4. Part 4: Egg Hunters
  5. Part 5: Unicode 0x00410041
  6. Part 6: Writing W32 shellcode
  7. Part 7: Return Oriented Programming
  8. Part 8: Spraying the Heap [Chapter 1: Vanilla EIP]
  9. Part 9: Spraying the Heap [Chapter 2: Use-After-Free]
  10. Part 10: Kernel Exploitation -> Stack Overflow
  11. Part 11: Kernel Exploitation -> Write-What-Where
  12. Part 12: Kernel Exploitation -> Null Pointer Dereference
  13. Part 13: Kernel Exploitation -> Uninitialized Stack Variable
  14. Part 14: Kernel Exploitation -> Integer Overflow
  15. Part 15: Kernel Exploitation -> UAF
  16. Part 16: Kernel Exploitation -> Pool Overflow
  17. Part 17: Kernel Exploitation -> GDI Bitmap Abuse (Win7-10 32/64bit)
  18. Part 18: Kernel Exploitation -> RS2 Bitmap Necromancy
  19. Part 19: Kernel Exploitation -> Logic bugs in Razer rzpnk.sys

Fuzzing

TODO later

AV Bypass

TODO later https://captmeelo.com/exploitdev/osceprep/2018/07/16/backdoor101-part1.html https://captmeelo.com/exploitdev/osceprep/2018/07/21/backdoor101-part2.html

More Repositories

1

mdisec-twitch-yayinlari

https://twitch.tv/mdisec
1,035
star
2

golang-for-hackers-turkish-edition

Golang for Hackers
254
star
3

topluluk-makale

MDISEC Twitch yayınlarına katılan topluluk tarafından hazırlanacak makalelerin süreç yönetimi için kullanılan repodur.
71
star
4

pardus-liderahenk-0day-RCE

Go
32
star
5

codebreakers-dev-to-hacker

CodeBreakers: From Dev to Hacker - Teaching developers to how become a app sec ninja !
JavaScript
28
star
6

captchasec

Captchasec is a captcha difficulty tester. It uses de-captcher.com as an OCR server.
Python
26
star
7

removeTweets

Delete all of your tweets
Python
23
star
8

akgulyzer

Akgulyzer; komut satiri rastgele metin uretici ve encoder.
Python
19
star
9

skiddie_trapper

It's a javascript project to set up trap for people who want to find web application vulnerability on your system.
PHP
11
star
10

django-forceauth

A Django package that force authentication requirement by default on every single endpoint.
Python
11
star
11

crpyto101-egitim

mehmetince.net adresi üzerinde yayınlanacak olan crypto101 eğitim serisinin kod örnekleri.
Python
7
star
12

hacktrick14_web_ctf

hacktrick 14 web app ctf source codes
PHP
5
star
13

MdiseCTF

Ödüllü MdiseCTF serisinin kaynak kodları.
Python
4
star
14

intelBANK

IntelBank Vulnerable Banking Solutions
PHP
3
star
15

mdisec

Config files for my GitHub profile.
3
star
16

crypto_post

Encrypt your http post request's body to protect your form variables from hackers.
PHP
3
star
17

autoTweetWordpressPosts

It's basic python bot application. Nothing about "rocket science"
Python
2
star
18

codeigniter-object-inj

Exploitable Codeigniter.
PHP
2
star
19

test

test
1
star
20

Comparison-Sorting-Algorithms

Comparison most popular 5 Sorting Algorithms on huge data stack.
C++
1
star
21

NessusReportManager

Nessus raporlarının bg process bazında db ye isleyebilen. Farklı userlara vulnerability job assign edebildiginiz. Grafiksel olarak detaylı ve görsel analizler yapabilmenize yarayan uygulama.
PHP
1
star