A curated list of awesome Windows Exploitation resources, and shiny things.
There is no pre-established order of items within each category; items appear in the order they were contributed. If you want to contribute, please read the
Table of Contents
Windows stack overflows
Stack-based overflow articles.
Windows heap overflows
Heap-based overflow articles.
Kernel based Windows overflows
Kernel-based exploit development articles.
Windows Kernel Memory Corruption
Windows kernel memory corruption exploit development articles.
Return Oriented Programming
The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls
Blind return-oriented programming
Jump-Oriented Programming: A New Class of Code-Reuse Attack
Out of control: Overcoming control-flow integrity
ROP is Still Dangerous: Breaking Modern Defenses
Loop-Oriented Programming (LOP): A New Code Reuse Attack to Bypass Modern Defenses - by Bingchen Lan, Yan Li, Hao Sun, Chao Su, Yao Liu, Qingkai Zeng
Systematic Analysis of Defenses Against Return-Oriented Programming - by R. Skowyra, K. Casteel, H. Okhravi, N. Zeldovich, and W. Streilein
Return-oriented programming without returns - by S. Checkoway, L. Davi, A. Dmitrienko, A. Sadeghi, H. Shacham, and M. Winandy
Jump-oriented programming: a new class of code-reuse attack - by T. K. Bletsch, X. Jiang, V. W. Freeh, and Z. Liang
Stitching the gadgets: on the ineffectiveness of coarse-grained control-flow integrity protection - by L. Davi, A. Sadeghi, and D. Lehmann
Size does matter: Why using gadget-chain length to prevent code-reuse attacks is hard - by E. Göktas, E. Athanasopoulos, M. Polychronakis, H. Bos, and G. Portokalidis
Buffer overflow attacks bypassing DEP (NX/XD bits) – part 1 - by Marco Mastropaolo 
Buffer overflow attacks bypassing DEP (NX/XD bits) – part 2 - by Marco Mastropaolo 
Practical ROP - by Dino Dai Zovi
Exploitation with WriteProcessMemory - by Spencer Pratt 
Exploitation techniques and mitigations on Windows - by skape
A little return oriented exploitation on Windows x86 – Part 1 - by Harmony Security and Stephen Fewer 
A little return oriented exploitation on Windows x86 – Part 2 - by Harmony Security and Stephen Fewer 
Windows memory protections
Introductory articles on Windows memory protections.
Bypassing filter and protections
Articles on methods for bypassing Windows memory protections.
Typical Windows exploits
Exploit development tutorial series
Exploit development tutorial series based on the Windows operating system.
Disassemblers, debuggers, and other static and dynamic analysis tools.
angr - Platform-agnostic binary analysis framework developed at UCSB's Seclab.
BARF - Multiplatform, open-source Binary Analysis and Reverse engineering Framework.
Binary Ninja - Multiplatform binary analysis IDE supporting various types of binaries and architectures. Scriptable via Python.
binnavi - Binary analysis IDE for reverse engineering based on graph visualization.
Bokken - GUI for Pyew and Radare.
Capstone - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
codebro - Web-based code browser using clang to provide basic code analysis.
dnSpy - .NET assembly editor, decompiler
Evan's Debugger (EDB) - A modular debugger with a Qt GUI.
GDB - The GNU debugger.
GEF - GDB Enhanced Features, for exploiters and reverse engineers.
hackers-grep - A utility to search for strings in PE executables including imports, exports, and debug
IDA Pro - Windows disassembler and debugger, with a free evaluation version.
Immunity Debugger - Debugger for malware analysis and more, with a Python API.
ltrace - Dynamic analysis for Linux executables.
objdump - Part of GNU binutils, for static analysis of Linux binaries.
OllyDbg - An assembly-level debugger for Windows
PANDA - Platform for Architecture-Neutral Dynamic Analysis
PEDA - Python Exploit Development Assistance for GDB, an enhanced display with added commands.
pestudio - Perform static analysis of Windows
Process Monitor - Advanced monitoring tool for Windows programs.
Pyew - Python tool for malware
Radare2 - Reverse engineering framework, with
SMRT - Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analysis.
strace - Dynamic analysis for
Udis86 - Disassembler library and tool for x86 and x86_64.
Vivisect - Python tool for
x64dbg - An open-source x64/x32 debugger for Windows.