2021
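- Aug 7 Fuzzing interactive applications with afl+preeny
- Aug 7 Fuzzing approach for UDP communication programs and analysis of CVE-2018-18066
- Aug 7 Rick teaches you to write shellcode series: the evil PDF
- Aug 7 Rick privilege escalation: several alternative privilege-escalation attempts under CVE-2020-8835
- Aug 7 MuddyWater APT: macro virus analysis
- Aug 7 CVE-2019-6445 analysis and reproduction
- Aug 7 APT37 analysis: Final1stspy
- Mar 30 Understanding DynELF
- Mar 25 Trying out Frida
- Mar 23 Trying out falco and sysdig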
2020
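- Dec 10 Remote ssh and file transfer with iterm2+sshpass
- Nov 21 Summary of LD_PRELOAD countermeasures
- Oct 3 HELK installation and trial
- Sep 22 Identifying lateral movement at the network level
- Sep 20 Trying out the bluespawn tool
- Sep 17 Trying out JA3 for STL traffic monitoring
- Sep 8 Domain Fronting configuration manual
- Aug 26 Using the dnscat2 tool
- Aug 11 cve-2020-8647
- Jul 29 magicheap unsortbin attack
- Jul 29 heapcreator heap off by one
- Jul 29 bamboobox house of force and unlink
- Jul 28 babysecretgarden fastbin attack
- Jul 28 hacknote: simple exploitation of UAF
- Jul 19 Linux system programming: advanced I/O
- Jul 14 Linux system programming: IPC
- Jul 6 Exploiting userfaultfd in the kernel
- Jun 27 kernel pwn: ret2dir
- Jun 15 Uninitialized stack variable vulnerabilities
- Jun 15 Heap spraying notes
- Jun 15 Privilege escalation via arbitrary read/write vulnerabilities
- Jun 11 kernel pwn wctf2018-klist
- Jun 2 Linux kernel 4.20 BPF vulnerability reproduction
- May 28 Fuzzing methods for TCP protocol communication
- May 20 Kernel fuzzing with Syzkaller
- May 15 CISCN2017 babydriver
- May 14 2019 STARCTF hackme
- May 14 2018 kernel pwn core
- May 14 2018 0CTF Finals Baby Kernel
- Apr 3 The complete af-fuzz process
- Mar 3 Macro virus extraction techniques
- Mar 1 Algorithm reverse engineering, lesson one
- Feb 10 Setting up a two-machine kernel debugging environment with Windbg preview+virtualbox
- Jan 19 Learning security with ATT&CK: privilege-escalation
- Jan 16 Learning security with ATT&CK: lateral-movement
- Jan 16 Learning security with ATT&CK: exfiltration
- Jan 16 Learning security with att&ck: discovery
- Jan 16 Learning security with ATT&CK: command-and-control
- Jan 15 Learning security with ATT&CK: persistence
- Jan 15 Learning security with ATT&CK: initial access
- Jan 15 Learning security with ATT&CK: execution
- Jan 15 Learning security with ATT&CK: defense-evasion
- Jan 15 Learning security with ATT&CK: credential-access
- Jan 15 Learning security with ATT&CK: collection
- Jan 8 Malware analysis
- Jan 8 Introductory notes on Windows core programming
- Jan 3 Accessing a Linux virtual machine in NAT network mode over ssh
- Jan 2 pwn BCTF2017 babyuse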
2019
- Dec 31 qemu environment setup
- Dec 30 CVE-2018-5767 httpd
- Dec 26 pwn lctf2018 easy_heap
- Dec 25 pwn BCTF2016 bcloud
- Dec 24 pwn 0ctf2017 babyheap
- Dec 22 pwn plaidctf2015 plaiddb
- Dec 20 heap tutorial (2)
- Dec 18 pwn 0ctf2015 freenote
- Dec 17 KernelROP
- Dec 16 Seccomp and Ptrace
- Dec 15 fastbin attack
- Dec 13 pwn HITBCTF2017_1000levels
- Dec 9 SystemTap installation
- Dec 6 CVE-2017-9430 DNSTracer
- Dec 6 AFL tool summary
- Dec 5 CVE-2016-4971 wget
- Dec 4 CVE-2017-13089 wget
- Dec 4 CVE-2017-11543 tcpdump sliplink_print
- Dec 3 pwn pwnable login
- Dec 3 pwn DefCampCTF2016 SMS
- Dec 3 pwn BCTF2017 100levels
- Dec 3 pwn 360ichunqiu2017 smallest
- Dec 2 pwn pwnable login
- Dec 2 pwn Alictf2016 vss
- Dec 1 pwn prectf2015 xpl
- Dec 1 pwn XCTF2016 b0verfl0w
- Nov 29 pwn LCTF2016 pwn100
- Nov 28 C language summary
- Nov 26 pwn grehackctf2017 beerfighter
- Nov 25 glibc memory management: ptmalloc source code analysis notes
- Nov 25 OneGadget and getting execute permissions from maps
- Nov 24 Heap overflow: the house of series
- Nov 24 Common protections in binaries
- Nov 21 Summary of problems encountered in binaries
- Nov 21 Protostar tutorial: unlink
- Nov 20 Linux_x64 PWN
- Nov 18 Adding debug symbols to libc
- Nov 18 GHOST PoC Explained
- Nov 16 pwn XDCTF2015 pwn200
- Nov 16 return to Dynamic Resolver
- Nov 16 pwn LCTF2016 pwn200
- Nov 16 pwn BackdoorCTF2017 Fun-Signals
- Nov 14 Heap-based Off-By-One vulnerability
- Nov 12 pwn HCTF2016 brop
- Nov 12 pwn NJCTF2017 pingme
- Nov 11 Finding the address where a function is loaded
- Nov 10 Bypassing ASLR via GOT overwrite and GOT dereference
- Nov 9 Heap overflow: unlink
- Nov 8 Bypassing ASLR via return to plt
- Nov 8 Bypassing NX via return-to-libc
- Nov 8 Bypassing NX via chained return-to-libc
- Nov 8 Bypassing ASLR via brute force
- Nov 7 Common problems when writing EXPs
- Nov 7 Integer overflow
- Nov 7 Stack-based Off-By-One vulnerability
- Nov 6 Classic stack overflow
- Oct 29 Multi-terminal full-network traffic monitoring based on Mitmproxy
2018
- Aug 30 CVE-2018-16373
- Aug 30 CVE-2018-16370
2000
- Jan 1 demo