67 - Buggy Browsers, Heap Grooming, and Broken RSA

This week we get to take a look into some basic heap grooming techniques as we examine multiple heap overflows. We also briefly discuss the hand-on (by the DoD and Synack) assessment of the "unhackable" morpheus chip, and briefly discuss the new-ish paper claiming to defeat RSA.

66 - BlackHat USA, Pre-Auth RCEs, and JSON Smuggling

This week we talk a bit about newly released Black Hat 2020 and NDSS 2021 presentation videos, before jumping into several pre-auth RCEs, and some interesting exploitation research to bring a PAC enforced Shadow Stack to ARM and an examination of JSON parser interoperability issues.

Getting Started with Exploit Development

tl;dr The rest of this goes into detail about what topics matter and why from each resource, but if you want to cut to the chase and ignore that... * Prerequisites * C programming language * x86 Assembly (32bit and 64bit) * Linux terminal usage * Exploit Education - Nebula - Start thinking like an attacker and learning to do research * Open Security Training - Introduction to Software Exploitation - Fundamentals of memory corruption * Pwn College - (Added July 2022) An alt