eLearnSecurity Certified Exploit Development What is Shellcode https://pt.wikipedia.org/wiki/Shellcode https://searchsecurity.techtarget.com/answer/What-is-the-relationship-between-shellcode-and-exploit-code https://www.firewalls.com/blog/security-terms/shellcode/ https://www.yourdictionary.com/shellcode https://translate.google.com/translate?hl=pt-BR&sl=en&u=https://www.easytechjunkie.com/what-is-a-shellcode.htm&prev=search&pto=aue https://www.exploit-db.com/docs/english/13019-shell-code-for-beginners.pdf https://www.pcmag.com/encyclopedia/term/shellcode https://security.stackexchange.com/questions/167579/what-is-the-difference-between-a-payload-and-shellcode https://pentest.blog/tag/shellcode/ Windows SEH https://medium.datadriveninvestor.com/exploiting-millennium-mp3-studio-2-0-with-shellcode-payload-82f815bc809b https://pdfcoffee.com/lab4-windows-seh-overflow-mp3-pdf-free.html https://github.com/killvxk/Windows-Exploit-Development-practice/blob/master/Millenium-MP3-Studio-seh-calc.py https://www.exploit-db.com/exploits/9298 https://packetstormsecurity.com/files/90291/MP3-Studio-1.0-Buffer-Overflow.html https://vulners.com/exploitdb/EDB-ID:9286 https://www.exploit-db.com/exploits/42155 https://www.onsecurity.io/blog/buffer-overflow-easy-chat-server-31/ https://pdfcoffee.com/lab5-windows-seh-overflow-easychat-pdf-free.html https://www.rapid7.com/db/modules/exploit/windows/http/easychatserver_seh/ https://www.youtube.com/watch?v=WyYj5kOCFjo https://www.doyler.net/security-not-included/easy-chat-server-exploit https://www.digitalmunition.me/seh-buffer-overflow-in-easy-chat-server-1/ https://sec4us.com.br/treinamentos/desenvolvimento-de-exploits-32-bits/ Fuzzing https://www.udemy.com/course/hands-on-exploit-development-advanced/ https://www.exploit-db.com/docs/english/18924-uncovering-zero-days-and-advanced-fuzzing---slides.pdf https://cqureacademy.com/cyber-security-training/exploit-development https://www.youtube.com/watch?v=3Kc_joW2YgM https://www.youtube.com/watch?v=ltYE6kbEasM https://www.youtube.com/watch?v=50qxktPm5ic https://www.offensive-security.com/metasploit-unleashed/writing-simple-fuzzer/ https://www.hackers-arise.com/post/2017/06/21/exploit-development-part-3-finding-vulnerabilities-by-fuzzing-with-spike https://www.deepcode.ca/index.php/2017/03/20/software-exploit-development-fuzzing-with-afl/ https://resources.infosecinstitute.com/topic/intro-to-fuzzing/ https://github.com/guilhermeferreira/spikepp https://www.blackhat.com/presentations/bh-usa-02/bh-us-02-aitel-spike.ppt ASLR Bypass https://www.youtube.com/watch?v=mPbHroMVepM https://i.blackhat.com/briefings/asia/2018/asia-18-Marco-return-to-csu-a-new-method-to-bypass-the-64-bit-Linux-ASLR-wp.pdf https://github.com/cryptolok/ASLRay http://hmarco.org/cyber-security/attacks/bypass64bitsASLRLinux/offset2lib-attack.html https://www.hacking.land/2017/10/aslray-linux-elf-x32-and-x64-aslr.html?m=1 https://codingvision.net/bypassing-aslr-dep-getting-shells-with-pwntools https://www.youtube.com/watch?v=Pht6y4p63SE https://www.youtube.com/watch?v=gxU3e7GbC-M Shellcode Resource https://github.com/alphaSeclab/shellcode-resources https://drive.google.com/drive/folders/12Mvq6kE2HJDwN2CZhEGWizyWt87YunkU https://medium.com/@coturnix97/exploit-exercises-protostar-stack-5-963731ff4b71 https://github.com/helviojunior/shellcodetester https://github.com/hellman/shtest https://github.com/NullByteGTK/Shellcode-Tester https://github.com/NytroRST/ShellcodeCompiler https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/ https://github.com/shayanzare/obj2shellcode https://reverseengineering.stackexchange.com/questions/15925/how-can-i-export-only-the-opcodes-from-objdump-or-any-other-program https://www.commandlinefu.com/commands/view/6051/get-all-shellcode-on-binary-file-from-objdump https://daemoniolabs.wordpress.com/2012/03/17/transformar-saida-do-objdump-para-shellcode/ https://stackoverflow.com/questions/52369994/get-shellcode-from-object-dump-the-right-way http://www.tecland.com.br/palestras/01/01-construindo_shellcodes_por_victor.pdf https://www.exploit-db.com/docs/english/21013-shellcoding-in-linux.pdf Shellcode x32 http://shell-storm.org/shellcode/files/shellcode-827.php http://shell-storm.org/shellcode/files/shellcode-811.php https://www.exploit-db.com/exploits/44321 https://vulners.com/zdt/1337DAY-ID-27788 https://github.com/MrEcco/lzw-shellcode https://www.offensive-security.com/metasploit-unleashed/alphanumeric-shellcode/ https://github.com/SkyBulk/exploit-development/blob/master/codes/easy_rm_2.7_3_700_call_esp_jmp_esp.py https://www.exploit-db.com/exploits/42428 https://reverseengineering.stackexchange.com/questions/25672/reason-of-padding-in-exploit https://packetstormsecurity.com/files/156478/Windows-x86-Null-Free-WinExec-Calc.exe-Shellcode.html https://br-sn.github.io/OSCE-Prep-Vulnserver-KSTET-Win32-API/ https://www.vividmachines.com/shellcode/shellcode.html https://www.oreilly.com/library/view/metasploit-for-beginners/9781788295970/2717da98-f9c0-4901-a43e-6e4bac4f841d.xhtml https://snowscan.io/custom-encoder/ https://owasp.org/www-pdf-archive//HackPraAllstars_Rooting_Your_Internals_-_Michele_Orru.pdf https://forum.hackthebox.eu/discussion/4593/shellcode-crashes-after-made-connection-to-netcat-in-stack-base-buffer-overflow-tutorial https://www.ired.team/offensive-security/code-injection-process-injection/executing-shellcode-with-createfiber https://www.codeproject.com/Articles/5304605/Creating-Shellcode-from-any-Code-Using-Visual-Stud https://systemoverlord.com/2014/06/05/minimal-x86-64-shellcode-for-binsh/ https://github.com/PacktPublishing/Penetration-Testing-with-Shellcode Shellcode x64 https://github.com/MrEcco/lzw-shellcode https://www.exploit-db.com/exploits/42179 https://www.exploit-db.com/exploits/46907 http://shell-storm.org/shellcode/files/shellcode-806.php https://bufferoverflows.net/developing-custom-shellcode-x64-linux/ https://packetstormsecurity.com/files/162210/Linux-x64-execve-bin-sh-Shellcode.html https://zerosum0x0.blogspot.com/2014/12/there-are-many-versions-of-execve.html https://gist.github.com/matterpreter/03e2bd3cf8b26d57044f3b494e73bbea https://ciberseguridad.blog/como-automatizar-la-extraccion-del-shellcode-de-cobalt-strike/ https://epi052.gitlab.io/notes-to-self/blog/2018-08-04-x64-linux-metasploit-execve-bin-sh-shellcode-analysis/ https://wajid-nawazish.medium.com/developing-custom-shellcode-in-x64-57172a885d77 https://owasp.org/www-pdf-archive/Introduction_to_shellcode_development.pdf https://www.tosone.cn/ExploitDatabase/index.html?type=shellcode https://nytrosecurity.com/2019/06/30/writing-shellcodes-for-windows-x64/ https://sec4us.com.br/cheatsheet/shellcoding https://hackerculture.com.br/?p=1059 https://www.youtube.com/watch?v=rfML5DWgIfM https://silviavali.github.io/blog/2019-05-01-blog-SLAE51/ https://www.programmersought.com/article/23716896022/ https://www.pwnwiki.org/index.php/Linux/x64_-_execve_(cat_/etc/shadow)_Shellcode_(66_bytes) https://docs.pwntools.com/en/stable/shellcraft/amd64.html https://crypto.stanford.edu/~blynn/rop/ https://mmquant.net/analysis-of-metasploit-linux-x64-exec-shellcode/ https://systemoverlord.com/2014/06/05/minimal-x86-64-shellcode-for-binsh/ Awesome Exploit Development https://github.com/CyberSecurityUP/AWESOME-EXPLOIT-DEVELOPMENT https://git.plociennik.info/barszczuch/hakowanie/raw/master/2/awesome-exploit-development.pdf https://github.com/FabioBaroni/awesome-exploit-development https://www.offensive-security.com/category/vulndev/ https://onehack.us/t/awesome-exploit-development-massive-resources-collection/189926 https://0x00sec.org/t/material-for-learning-exploit-development/1727 https://github.com/wetw0rk/Exploit-Development https://github.com/SkyBulk/exploit-development https://github.com/jopraveen/exploit-development https://github.com/freddiebarrsmith/Advanced-Windows-Exploit-Development-Practice https://github.com/freddiebarrsmith/Buffer-Overflow-Exploit-Development-Practice/blob/master/README.md https://github.com/RackunSec/Exploit-Development https://github.com/tagnullde/Exploit-Development https://github.com/so87/Exploit-Development-and-Pentesting https://github.com/gh0x0st/Buffer_Overflow https://github.com/johnjhacking/Buffer-Overflow-Guide https://github.com/Tib3rius/Pentest-Cheatsheets/blob/master/exploits/buffer-overflows.rst https://github.com/joshua17sc/Buffer-Overflows https://github.com/helviojunior/live_bufferoverflow https://github.com/shashijangra22/Buffer-Overflow-Attack https://github.com/Andy53/BufferOverflowExample https://github.com/npapernot/buffer-overflow-attack https://github.com/freddiebarrsmith/Buffer-Overflow-Exploit-Development-Practice Assembly Language https://github.com/topics/assembly-language https://github.com/Apress/modern-x86-assembly-language-programming https://github.com/0xAX/asm https://github.com/Nxumalo/Assembly-Code https://github.com/topics/assembly-programming https://github.com/topics/assembly-x86 https://assembly-area55.github.io/nasm https://www.cin.ufpe.br/~eaa3/Arquivos/Assembly/Assembly%20x86%20NASM.pdf https://www.youtube.com/watch?v=W8UTCqWb2eQ https://www.youtube.com/watch?v=JjnjrfQla3k https://github.com/7h3w4lk3r/x86-nasm https://rudamoura.com/x86.html https://www.youtube.com/watch?v=wLXIWKUWpSs https://www.youtube.com/watch?v=HgEGAaYdABA https://www.youtube.com/watch?v=dkjfZyJvO0I https://www.cs.virginia.edu/~evans/cs216/guides/x86.html https://software.intel.com/content/www/us/en/develop/articles/introduction-to-x64-assembly.html https://www.youtube.com/watch?v=rxsBghsrvpI https://cs.brown.edu/courses/cs033/docs/guides/x64_cheatsheet.pdf https://docs.microsoft.com/pt-br/cpp/assembler/masm/masm-for-x64-ml64-exe?view=msvc-160 Shellcode Development https://www.youtube.com/watch?v=tlD6qwI9iN4 https://www.youtube.com/watch?v=0-_Wtz5L9ZY https://www.youtube.com/watch?v=74Y_w2_MgpY https://www.youtube.com/watch?v=Xvh8FkczNUc https://www.youtube.com/watch?v=QEkjHunT5Cs https://www.youtube.com/watch?v=rvZsvSH2pXo https://www.youtube.com/watch?v=6MnC3CiT_tc https://www.youtube.com/watch?v=CMJqeDcghws https://www.youtube.com/watch?v=DZKjidulQak https://www.pluralsight.com/courses/exploit-development-execution-metasploit-framework https://www.youtube.com/watch?v=oS2O75H57qU C Language https://www.youtube.com/watch?v=QpAhX-gsHMs https://www.youtube.com/watch?v=oZeezrNHxVo https://www.edx.org/learn/c-programming https://www.udemy.com/course/the-complete-c-programming/ https://medium.com/javarevisited/9-free-c-programming-courses-for-beginners-2486dff74065 https://www.java67.com/2020/07/5-free-courses-to-learn-c-programming.html https://cppinstitute.org/free-c-and-c-courses https://github.com/trending/c https://github.com/topics/c-programming https://github.com/PacktPublishing/Learn-C-Programming https://github.com/gouravthakur39/beginners-C-program-examples https://github.com/Heatwave/The-C-Programming-Language-2nd-Edition https://github.com/roatienza/C-Programming https://www.thegeekstuff.com/2013/06/buffer-overflow/ https://www.tallan.com/blog/2019/04/04/exploring-buffer-overflows-in-c-part-two-the-exploit/ https://www.youtube.com/watch?v=ytGATjX3nqc https://www.youtube.com/watch?v=CQ6pGrXY1Us https://www.youtube.com/watch?v=cHj4UkzcKwU https://www.ired.team/offensive-security/code-injection-process-injection/writing-and-compiling-shellcode-in-c https://adriancitu.com/2015/08/31/introduction-to-linux-shellcode-writing-part-1/ https://www.programmersought.com/article/186042228/ https://security.stackexchange.com/questions/176495/executing-a-msfvenom-shellcode-in-c-program https://bufferoverflows.net/developing-custom-shellcode-x64-linux/ https://0x00sec.org/t/linux-shellcoding-part-1-0/289 Reviews https://osandamalith.com/2020/06/25/my-journey-into-ecxd-elearnsecurity-certified-exploit-developer/ https://medium.com/kminthein/ecxd-review-813960dfc07b https://itnext.io/xds-v1-elearnsecurity-course-review-cda5bb12f95b https://www.reddit.com/r/eLearnSecurity/comments/iwh1kt/review_of_ecxd_and_ecre_elearnsecurity_courses/ https://mayaseven.com/elearnsecurity-certified-exploit-developer-ecxd-review/ Linux Stack Smashing https://stackoverflow.com/questions/1345670/stack-smashing-detected https://pt.stackoverflow.com/questions/305310/erro-stack-smashing-detected-em-c https://www.educative.io/edpresso/what-is-the-stack-smashing-detected-error https://www.vivaolinux.com.br/topico/C-C++/-stack-smashing-detected-unknown-terminated https://wiki.gentoo.org/wiki/Stack-smashing-debugging-guide https://www.exploit-db.com/papers/24085 https://www.thegeekstuff.com/2013/02/stack-smashing-attacks-gcc/ https://access.redhat.com/blogs/766093/posts/3548631 https://www.programmersought.com/article/40995878204/ https://www.sans.org/blog/stack-canaries-gingerly-sidestepping-the-cage/ http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.135.2164&rep=rep1&type=pdf https://devconnected.com/how-to-show-hidden-files-on-linux/#:~:text=The%20easiest%20way%20to%20show,%E2%80%9D%20option%20for%20%E2%80%9Call%E2%80%9D.&text=For%20example%2C%20in%20order%20to,show%20hidden%20files%20on%20Linux. https://serverfault.com/questions/2817/hidden-features-of-linux https://www.youtube.com/watch?v=AO4_M-l8B5U Ret2libc https://www.programmersought.com/article/2475157601/ https://www.youtube.com/watch?v=-cLLR-ZeTss https://www.youtube.com/watch?v=HjiiYB4AXI8 https://github.com/nnamon/linux-exploitation-course/blob/master/lessons/7_bypass_nx_ret2libc/lessonplan.md https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/babys-first-nxplusaslr-bypass/ https://pdfcoffee.com/lab10-linux-nx-bypass-pdf-free.html https://pdfcoffee.com/lab11-linux-x64-nx-bypass-pdf-free.html https://sploitfun.wordpress.com/2015/05/08/bypassing-nx-bit-using-return-to-libc/ https://nandynarwhals.org/ret2libc-namedpipes/ https://petruknisme.com/2019/07/09/smashthetux-chapter-0x00-basic-buffer-overflow-ret2libc/ LinkedIn https://www.linkedin.com/in/joas-antonio-dos-santos