Exploiting-Resources

Overview

This repository is a repository with various resources for learning how to exploit Windows. It also has resources to prepare for certifications such as OSED or OSEE.

This is another repository that contains my personal notes with links to interesting resources on exploiting. Feel free to use it as you see fit.

Table of Contents

• Interesting profiles
• Exploiting courses
• PDFs
• Concepts
• Tools
  • WinDbg
  • Reversing
  • Security features
• Python
• Train
  • Plataformas
  • Chalenges
• Videos
• Various resources
• Game Hacking
  • Courses
  • Examples
  • Game Hacking Videos
• Disclaimer

Interesting profiles

• MangaD --> https://github.com/MangaD?tab=repositories

Exploiting courses

• How to get started --> https://hackmd.io/@LJP/BJ-qG_14U

• Various courses --> https://p.ost2.fyi/

• Various blogs --> https://www.corelan.be/

• Zero to God --> https://fuzzysecurity.com/tutorials.html

• Course for OSEE --> https://github.com/gscamelo/OSEE

PDFs

• Lots of PDFs --> https://elhacker.info/manuales/Exploit/

• Library of PDFs --> https://github.com/media-lib/prog_lib/tree/master

• Modern Exploit Development pdf --> https://docs.alexomar.com/biblioteca/Modern%20Windows%20Exploit%20Development.pdf

• Kernel Exploitation --> https://dn790006.ca.archive.org/0/items/DSStore_20161129/Library/ComputerScience/AGuideToKernelExploitation.pdf

• Windows System Programming --> https://github.com/media-lib/prog_lib/blob/master/windows/Charles%20Petzold%20-%20Programming%20Windows%20(6th%20Edition,%20Win8).pdf

• Windows Internals --> https://ia800804.us.archive.org/28/items/windowsprogram/Windows%20Internals%20Part%201%20%286th%20Edition%29.pdf

• IDA Pro Book --> https://github.com/TheDice/hacking_books/blob/master/The%20IDA%20Pro%20Book%2C%202nd%20Edition%20(ChrisEagle).pdf

• Reversing --> https://github.com/media-lib/prog_lib/blob/master/general/Eldad%20Eilam%20-%20Reversing%20-%20Secrets%20of%20Reverse%20Engineering.pdf

• Assembly --> https://github.com/media-lib/prog_lib/blob/master/general/Randall%20Hyde%20-%20The%20Art%20of%20Assembly%20Language%2C%202nd%20Edition.pdf

• Assembly2 --> http://library.bagrintsev.me/ASM/Introduction%20to%2064bit%20Intel%20Assembly%20Language%20Programming%20for%20Linux.2011.pdf

• Introducction to C --> https://www.cse.chalmers.se/edu/resources/mop/documents/An_introduction_to_the_C_Programming_Language.pdf

• C language --> https://triton.astroscu.unam.mx/fruiz/introduccion/c/libros/Lenguaje_Programacion_C.pdf

Concepts

• Assembly x86 - 64 --> https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Arch1001_x86-64_Asm+2021_v1/about

• HTB Asembly --> https://academy.hackthebox.com/module/details/85

• C++ --> https://learncpp.com/

• GDB Introductory --> https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Dbg1012_IntroGDB+2024_v1/about

• Shellcoding (x64) --> https://www.m0n1x90.dev/blog/shellcoding/1

• Protection Bypass --> https://medium.com/@wam0x0x0/stack-overflow-protection-and-bypass-techniques-rop-aslr-canaries-and-more-f5d992c3ab79

• More Protection Bypass --> https://bsssq.xyz/posts/aslr_rop/

Tools

WinDbg

• Cheatsheat --> https://hackmd.io/@LJP/Bk9F9I7Zt

• Guide --> https://gist.github.com/MangaD/3bbeae1b326351b2728d856fb5cd651c

• Introductory WinDbg --> https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Dbg1011_WinDbg1+2024_v1/about

• Intermediate WinDbg --> https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Dbg2011_WinDbg2+2021_v1/about

• Advanced WinDbg --> https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Dbg3011_WinDbg3+2023_v1/about

• More tutorials --> https://www.codeproject.com/articles/Windows-Debuggers-Part-1-A-WinDbg-Tutorial#comments-section

• Quizs --> https://quizlet.com/12326943/windbg-kernel-mode-extension-commands-flash-cards/

• Extensions --> https://github.com/anhkgg/awesome-windbg-extensions

• WinDbg in rust --> https://github.com/opedroso/rust-windbg

• Code Caver --> https://github.com/nop-tech/code_caver?tab=readme-ov-file

• OSED --> https://github.com/epi052/osed-scripts

Reversing

• Basic Ghidra --> https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Dbg1102_IntroGhidra+2024_v2/about

• Basic IDA --> https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Dbg1101_IntroIDA+2024_v1/about

• For .net --> https://github.com/dnSpy/dnSpy

• For PE files --> https://hshrzd.wordpress.com/pe-bear/

Security features

• Winchecksec --> https://github.com/trailofbits/winchecksec

• Checksec --> https://github.com/slimm609/checksec

  • Cheatseat --> https://slimm609.github.io/checksec/

Python

• Pwntools --> https://github.com/Gallopsled/pwntools

  • Pwntools Cheatsheet --> https://corgi.rip/posts/pwntools-cheatsheet/

• PWiNTOOLS --> https://github.com/masthoon/pwintools

  • Python For Windows --> https://github.com/hakril/PythonForWindows
  • Capstone --> https://www.capstone-engine.org/download.html

• ROPgadget -->https://github.com/JonathanSalwan/ROPgadget

Train

Plataformas

• Crackmes --> https://crackmes.one/lasts/1

• Pwn.college --> https://pwn.college/windows-warzone

Chalenges

• adress_book.exe --> https://github.com/expressitoo/ctf-wu/tree/main/2024/ecw-quals/pwn/address_book

  • Writeup --> https://blog.randorisec.fr/ctf-ecw-2024/

• Starlabs2025 --> https://starlabs.sg/blog/2025/01-star-labs-2025-new-year-exploitation-challenge/

  • Writeup --> https://starlabs.sg/blog/2025/03-star-labs-windows-exploitation-challenge-2025-writeup/

• Kernel HackSys --> https://github.com/hacksysteam/HackSysExtremeVulnerableDriver

Videos

•  WinDBG 1 --> https://www.youtube.com/watch?v=QuFJpH3My7A

•  WinDBG 2 --> https://www.youtube.com/watch?v=8zBpqc3HkSE

•  SMEP Bypass --> https://www.youtube.com/watch?v=QGf0-jHFulg

•  Windows Kernel Exploitation 1 --> https://www.youtube.com/watch?v=Gu_5kkErQ6Y

•  Windows Kernel Exploitation 2 --> https://www.youtube.com/watch?v=2chDv_wTymc

•  Capcom.sys --> https://www.youtube.com/watch?v=pJZjWXxUEl4

•  Bypass Control Flow Guard --> https://www.youtube.com/watch?v=K929gLPwlUs

• SEH Based Overflow --> https://www.youtube.com/watch?v=LzK9dM_K-FI

• DEP Bypass with WriteProcessMemory --> https://www.youtube.com/watch?v=8kYTDK9oKV8

• DEP Bypass with VirtualAlloc --> https://www.youtube.com/watch?v=phVz8CqEng8

Various resources

• Ret2DLL --> https://henrymartin262.github.io/2024/05/15/winpwn-%E5%85%A5%E9%97%A8/

Game Hacking

Courses

• Fundamentals --> https://redteamleaders.coursestack.com/courses/c0f369dc-356d-4362-8942-b5446e02164b

Examples

• Aimbot example --> https://github.com/carlgwastaken/cs2-external-aimbot/tree/master

• Handle Hijacking example --> https://github.com/natemvm-py/CS2-HandleHijacker

Game Hacking Videos

• KeyGen2009 --> https://www.youtube.com/@KeyGen2009/videos

• Cyber Yeti --> https://www.youtube.com/@jstrosch/videos

• Casual Gamer --> https://www.youtube.com/@casualgamer1791/videos

• aXXo --> https://www.youtube.com/@axxo1337/videos

• Cazz --> https://www.youtube.com/@cazz/videos

• Cazz - Reverse Eingeneering --> https://www.youtube.com/watch?v=0_Eif2qGK7I

• Nang - Reverse Eingeneering --> https://www.youtube.com/watch?v=Wbm-a-7zc4g

Disclaimer

This Repository is for educational purposes only. Use it responsibly and only on systems you have permission to access.