Summary
- Preface
- 3. Topics by Category
- 4. Techniques
- 6. Write-ups
- Pwn
- 6.1.2 pwn NJCTF2017 pingme
- 6.1.4 pwn BackdoorCTF2017 Fun-Signals
- 6.1.6 pwn DefconCTF2015 fuckup
- 6.1.8 pwn DCTF2017 Flex
- 6.1.10 pwn 0CTF2017 BabyHeap2017
- 6.1.12 pwn N1CTF2018 vote
- 6.1.14 pwn 32C3CTF2015 readme
- 6.1.16 pwn HITBCTF2017 1000levels
- 6.1.18 pwn HITBCTF2017 Sentosa
- 6.1.20 pwn 33C3CTF2016 babyfengshui
- 6.1.22 pwn HITCONCTF2016 Sleepy_Holder
- 6.1.24 pwn HITCONCTF2016 House_of_Orange
- 6.1.26 pwn 34C3CTF2017 300
- 6.1.28 pwn ASISCTF2016 b00ks
- 6.1.30 pwn HITCONCTF2017 Ghost_in_the_heap
- 6.1.33 pwn 34C3CTF2017 LFA
- 6.1.35 pwn 0CTF2018 heapstorm2
- Reverse
- Web
- Crypto
- Misc
- Mobile
- Pwn
- 7. Real-World Practice
- 8. Academic Papers
- 8.2 Return-Oriented Programming without Returns
- 8.4 ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks
- 8.6 Hacking Blind
- 8.8 All You Ever Wanted to Know About Dynamic Taint Analysis and Forward Symbolic Execution (but might have been afraid to ask)
- 8.10 AEG: Automatic Exploit Generation
- 8.12 ASLR on the Line: Practical Cache Attacks on the MMU
- 8.14 Who Allocated My Memory? Detecting Custom Memory Allocators in C Binaries
- 8.16 DynaLog: An automated dynamic analysis framework for characterizing Android applications
- 8.18 MaMaDroid: Detecting Android malware by building Markov chains of behavioral models
- 8.20 DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware
- 8.22 Practical Memory Checking With Dr. Memory
- 8.24 How to Make ASLR Win the Clone Wars: Runtime Re-Randomization
- 8.26 Driller: Augmenting Fuzzing Through Selective Symbolic Execution
- 8.28 Cross-Architecture Bug Search in Binary Executables
- 8.30 Preventing brute force attacks against stack canary protection on networking servers
- 8.32 Unleashing MAYHEM on Binary Code
- 8.34 Enhancing Symbolic Execution with Veritesting
- 8.36 A Survey of Symbolic Execution Techniques
- 8.38 TaintEraser: Protecting Sensitive Data Leaks Using Application-Level Taint Tracking
- 8.40 EXE: Automatically Generating Inputs of Death
- 8.42 Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software
- 8.44 Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics
- 8.46 FreeGuard: A Faster Secure Heap Allocator
- 8.48 Reassembleable Disassembling
- 8.50 A Large-Scale Analysis of the Security of Embedded Firmwares