Re: Self Studies - Pentesting

[chr1x <chr1x () sectester net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Would be enough just saying "The Corelan's Tutorials". All of us
already know that those are the best resources for exploit writing for
starters.

corelanc0d3r r0x :D

chr1x

- ---
[CubilFelino Security Research Lab] http://chr1x.sectester.net
The computer security is an art form. It's the ultimate martial art."
New Forum at: http://www.sectester.net. Share your knowledge!



Leandro Quibem Magnabosco escribió:
> Bill Wildprett escreveu:
> > The link works fine!  In the first copy, part of it was broken by
> > the email
> > line wrapping.
http://www.corelan.be:8800/index.php/category/security/exploit-writing-tutor
> > ials/
> >
> >
> > Bill Wildprett
> >  
>
> Broken, once again! ha! :D
>
> I'm going to try to be helpfull here:
>
> http://www.corelan.be:8800/index.php/category/security/exploit-writing-tutorials/
>
>
> Exploit writing tutorial part 1 : Stack Based Overflows
> http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
>
>
> Exploit writing tutorial part 2 : Stack Based Overflows – jumping to
> shellcode
> http://www.corelan.be:8800/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/
>
>
> Exploit writing tutorial part 3 : SEH Based Exploits
> http://www.corelan.be:8800/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/
>
>
> Exploit writing tutorial part 3b : SEH Based Exploits – just another
> example
> http://www.corelan.be:8800/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/
>
>
> Exploit writing tutorial part 4 : From Exploit to Metasploit – The
> basics
> http://www.corelan.be:8800/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/
>
>
> Exploit writing tutorial part 5 : How debugger modules & plugins can
> speed up basic exploit development
> http://www.corelan.be:8800/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/
>
>
> Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh,
> HW DEP and ASLR
> http://www.corelan.be:8800/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/
>
>
> Exploit writing tutorial part 7 : Unicode – from 0×00410041 to calc
> http://www.corelan.be:8800/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/
>
>
>
> Cheers,
> --
> Leandro Quibem Magnabosco.
>
>
>
> ------------------------------------------------------------------------
>
> This list is sponsored by: Information Assurance Certification
> Review Board
>
> Prove to peers and potential employers without a doubt that you can
> actually do a proper penetration test. IACRB CPT and CEPT certs
> require a full practical examination in order to become certified.
> http://www.iacertification.org
> ------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
iQEcBAEBAgAGBQJLS446AAoJEENUkd83ZfT4UOgIALFfF9ivXmK0tXqAFAXlHu2K
goB2PCY/kpudENT07r9KBDI8k5iMUPmAGWStAuA6uJI7OoccItXKNDb9l4VSIi83
74r6hIfgbL6bVVR1nTJMB0tb0JgdskjR7IhD3ogfAEoL2JYJUCG7fDGIsTQ0D9J0
+4US0y9ISCUEKoma9bRO8TYEsnpK2Z9BD1TGykDyw3UoOJ76TxMYtq1Vz9vYZc1s
nHBoCSHoqBdr8SIZN2gWydrBGDepBFtDuGmpQVuoIut0sBC/cs+2mVWqUtTX+Lwx
G+CclvEAF7t9BtRUv0tFO2fP6GYqb9LGKOogbt2n+YJ9ygmV6XiFLz/i1/qx2WY=
=7IyC
-----END PGP SIGNATURE-----


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------