I put some time in and compiled a list in a course-type layout to help people who are in the process of learning exploit development. I hope my research will help others spend more time learning and less time searching.
First off I want to thank the corelan guys for the help they have provided me so far in the process.
Layout: I will be posting in a hierarchical structure; each level should be fully understood before moving on to the next section. I will also post sets of Parallel learning topics that you can study alongside the other topics to help prevent monotony. These Parallel areas have a start and end mark showing when they should be completed relative to the overall learning path.
Other Posts like this one:
Because of the quality of these posts I wanted to put them at the top. I could not figure out where to put them in the list because they cover so much.
Past, Present, Future of Windows Exploitation
Smashing the Stack in 2010
Part 1: Programming
Parallel learning #1: (complete this section before getting to the book "Hacking: The Art of Exploitation")
While going through the programming area I concentrate on core topics that will help us later on with exploit writing. One area that is very good to pick up is some kind of scripting language. Listed below are some of the most popular scripting languages, and the ones I feel will prove most useful.
Python: One of my favorite languages and growing in popularity, Python is a powerful language that is easy to use and well documented.
Learn Python the Hard Way
Ruby: If you plan on working inside Metasploit later on, this may be the language you want to start with. I highly suggest that exploit developers learn it.
Perl: An older language that still sees a lot of use, Perl is one of the most widely used scripting languages and you will see it used in many exploits. (I would suggest Python over Perl.)
C and C++ programming:
It is very important to understand what you are exploiting, so to get started let us figure out what we are exploiting. You do not need to go through all of these, but when finished with this section you should have a good understanding of C and C++ programming.
Now to understand what the computer actually executes when we compile C and C++. I am going to mostly stick to IA-32 (x86) assembly language. Read the first link to understand why; it explains it very well.
This is to help understand what we are programming in and the structure of libraries in the OS. This area is very important far down the line.
Disassembly is not so much programming as it is understanding what the computer executes and how the CPU and memory interpret it. This is where we start getting into the good stuff.
Part 2: Getting started
Now that we have a very good understanding of programming languages and what the machine is doing, we can start working on the task at hand: exploitation.
Here I will present most of the learning in a list format, adding comments or Parallel learning areas when needed.
Smashing the Stack for Fun and Profit (Phrack 49)
(Parallel learning #1 finished:
You should now have finished Parallel learning #1 and have a good understanding of one of the three languages.)
Parallel learning #2: (complete this section before the end of Part 2)
(Read the first few posts on this blog; it has some good info.)
(Read some of the posts from this blog; they are very helpful for getting started with fuzzers.)
(I have linked directly to a demo exploit for this area, but this is a useful blog to keep track of for many things.)
(Parallel learning #2 finished)
Part 3: Tools of the trade
This is a list of tools I have started using and find very useful.
And here are some Corelan posts on how to use them. I will supply more in the future, but this is a very good start.
Part 4: Network and Metasploit
Beej's Guide to Network Programming (beej.us)
Part 5: Shellcode
Part 6: Engineering in Reverse
Parallel Learning #3: (a constant place to reference and use for reversing)
Part 7: Getting a little deeper into BOF
Parallel Learning #4: (to the end of the course and beyond)
Find old exploits on
download them, test them, rewrite them, understand them.
(Part A: Preventions)
Buffer overflow protection
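Since the post links to material on stack smashing and its protections without showing what either looks like, here is an added example that is not from the original post or any of the linked tutorials. It models in C the classic overflow from "Smashing the Stack" next to the two things that stop it: a bounded copy, and the canary check a compiler stack protector adds before a function returns. The stack frame is a constructed struct rather than the real stack, so the overwrite stays inside memory the program owns; the canary value, the fake return address and all function names are assumptions for illustration.

```c
/* Added example, not from the original post: a model of a stack smash and
 * the canary check that catches it. The "frame" is a constructed struct that
 * stands in for the real stack frame, so the overflow is a defined write into
 * memory we own instead of a crash. Names and constants are illustrative. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16

/* Layout mirrors an x86 frame: the local buffer lowest, then the canary, then
 * the slot where the saved return address lives. Overflowing buf walks up
 * through both, which is exactly what the Phrack article exploits. */
struct frame {
    char     buf[BUF_SIZE];
    uint32_t canary;
    uint32_t saved_ret;
};

#define CANARY_VALUE  0xdeadbeefu  /* fixed here; real canaries are random per process */
#define FAKE_RET_ADDR 0x08048000u  /* placeholder value, not a real address */

static void frame_init(struct frame *f) {
    memset(f->buf, 0, sizeof f->buf);
    f->canary    = CANARY_VALUE;
    f->saved_ret = FAKE_RET_ADDR;
}

/* The bug: an unbounded strcpy-style copy into buf. It is written as a byte
 * copy over the whole frame so that, when src is too long, the excess lands
 * on the canary and return-address slots just as it would on a real stack
 * (clamped to the frame so the model itself never writes out of bounds). */
static void vulnerable_copy(struct frame *f, const char *src) {
    size_t n = strlen(src) + 1;          /* strcpy copies the NUL too */
    if (n > sizeof *f)
        n = sizeof *f;
    memcpy((unsigned char *)f, src, n);
}

/* The fix: check the length against the destination and refuse oversize
 * input rather than truncating silently. Returns 0 on success, -1 if rejected. */
static int safe_copy(struct frame *f, const char *src) {
    size_t n = strlen(src);
    if (n >= sizeof f->buf)              /* leave room for the NUL */
        return -1;
    memcpy(f->buf, src, n + 1);
    return 0;
}

/* The protection: what a stack protector's epilogue does, compare the canary
 * before the function returns. 1 = intact, 0 = smashed. */
static int canary_intact(const struct frame *f) {
    return f->canary == CANARY_VALUE;
}

static int return_address_intact(const struct frame *f) {
    return f->saved_ret == FAKE_RET_ADDR;
}

int main(void) {
    /* Constructed inputs: one that fits, one that overruns buf by 16 bytes. */
    const char *ok  = "hello";
    const char *bad = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";   /* 32 x 'A' */
    struct frame f;
    int rc;

    frame_init(&f);
    vulnerable_copy(&f, bad);
    printf("vulnerable copy: canary=0x%08x (%s) saved_ret=0x%08x (%s)\n",
           (unsigned)f.canary, canary_intact(&f) ? "intact" : "smashed",
           (unsigned)f.saved_ret, return_address_intact(&f) ? "intact" : "overwritten");

    frame_init(&f);
    rc = safe_copy(&f, bad);
    printf("safe copy, long input: rc=%d canary=0x%08x (%s)\n",
           rc, (unsigned)f.canary, canary_intact(&f) ? "intact" : "smashed");

    frame_init(&f);
    rc = safe_copy(&f, ok);
    printf("safe copy, short input: rc=%d buf=\"%s\"\n", rc, f.buf);
    return 0;
}
```

With the 32-byte input the vulnerable copy leaves both the canary and the saved return address reading 0x41414141; on a real stack that is the value `ret` would jump to, which is the crash you start from when writing the exploit, and it is what the canary check turns into a controlled abort instead. The bounded copy rejects the same input with the canary untouched. When compiling real code, ask the compiler for the check shown here (for example `-fstack-protector-strong` on GCC and Clang) rather than modelling it by hand.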
(Part B: Advanced BOF)
Part 8: Heap overflow
Part 9: Exploit listing sites
(Bonus: a site that lists types of vulnerabilities and info about them)
Common Weakness Enumeration
Part 10: To come
2. File Format
3. and more
If anyone has any good links to add, post a comment and I will try to add them, or send me the link and I will review and add it.
If anyone finds any bad or false information in any of these tutorials, please let me know. I do not want people reading this to get bad information.
I really love that post and I want to put it into my collection. So, I copied it from the link provided above.