OSED (EXP-301) Resources

A curated list of resources for the OSED journey.

Contents

• Resources
  • OSED Reviews and Guides
  • Topics
    • General
    • WinDBG
    • Stack Buffer Overflow
    • SEH Exploitation
    • Overcoming Space Restrictions
    • Reverse Engineering
    • Writing Custom Shellcode
    • DEP/ASLR Bypass
    • Format String Attacks
    • Exploit Samples
    • Helper Tools

Resources

OSED Reviews and Guides

Topics

General

• Securitysift: Windows Exploit Development Basics

WinDBG

• WinDBG. From A to Z
• WinDBG Cheat sheet
• Another cheat sheet
• Another cheat sheet tailored to EXP-301
• WinDBG Readable (Dark) Theme

Stack Buffer Overflow

SEH Exploitation

• FuzzySecurity: Structured Exploit Handler
• Developing SEH Exploit for Integrad Pro

Egghunters

• FuzzySecurity: EggHunters
• Safely Searching Process Virtual Address Space

Reversing

Custom Shellcode

• Iredteam: Resolving kernel32.dll and function addresses
• FuzzySecurity: Writing win32 shellcode
• Corelan.be: Writing custom shellcode
• NCC Group: Writing Small shellcode

Mitigation Bypass

• Corelan.be: DEP Bypass with ROP
• Whitepaper on Bypassing ASLR and DEP

Format Strings

• Osandamalith.com: Exploiting Fromat Strings in Windows

Exploit Samples

• dest-3:exploit_dev

Helper Tools

• JohnHammond: Rop Ripper
• JohnHammond: Stack String