Building a Compact XOR Encoder for Shellcode: A Step-by-Step Assembly Guide
If you’ve been through the [Worldmail exploit write-up]({% post_url 2020-05-09-worldmail-exploit %}) or spent any time developing shellcode, you’ve …
Windows-Exploitation
Worldmail IMAP Exploit: Writing a Public SEH Buffer Overflow From Scratch
If the stack-based buffer overflow is where exploit development starts, Structured Exception Handler overflows are where it gets more interesting. The primitive …
Bypassing ASLR: Techniques for Exploit Developers Who've Hit the Wall
So you’ve worked through the stack overflow. You’ve got EIP control. You’ve confirmed your shellcode executes cleanly in the lab. Then you …
Abusing the Stack: A Beginner's Guide to Buffer Overflow Exploit Development
Exploit development has a reputation. People hear “buffer overflow” and assume it’s reserved for the elite — some dark art practiced by a …