Home
Articles
📝 Corelan content by topic
🔖 Tag cloud
Community
👥 Discord
🛠️ Tools
Support Us
Buy Merchandise
Donate
Training
About
About me
About Corelan Team
Contact me
Terms of Use
Home
Articles
📝 Corelan content by topic
🔖 Tag cloud
Community
👥 Discord
🛠️ Tools
Support Us
Buy Merchandise
Donate
Training
About
About me
About Corelan Team
Contact me
Terms of Use
Home
❯
Corelan Articles | Exploit Writing Tutorials & Cybersecurity Insights
Sitemap →
Corelan Articles | Exploit Writing Tutorials & Cybersecurity Insights
corelanc0d3r
This article has 1,528 views
Active Directory
Free tool : Find out where your AD Users are logged on into
Free tool – PVE Active Directory Disable Users
Certificates
Free tool : Windows 2003/2008 Certificate Authority Certificate List Utility for pending requests and about-to-expire certificates
Cisco
Cisco VoIP Phones – A Hackers Perspective
Script to backup Cisco switches via telnet / tftp
Free Tool - Cisco Ironport C350 Safelist / Blocklist merge utility
Cisco switch IOS cheat sheet
Cons and Seminars
BlackHatEU2013 - Day2 - DropSmack: How cloud synchronization services render your corporate firewall worthless
BlackHatEU2013 - Day2 - Advanced Heap Manipulation in Windows 8
BlackHatEU2013 - Day2 - Who's really attacking your ICS devices ?
BlackHatEU2013 - Day2 - The Sandbox Roulette: Are you ready to ramble
BlackHatEU2013 - Day 1 - To dock or not to dock
BlackHatEU2013 - Day1 - Hardening Windows 8 Apps for the Windows Store
BlackHatEU2013 - Day1 - Hacking Appliances
BlackHatEU2013 - Day1 - Practical Attacks against MDM solutions
HITB2012AMS Day 2 - Ghost in the Allocator
HITB2012AMS Day 2 - Attacking XML Processing
HITB2012AMS Day 2 - Taint Analysis
HITB2012AMS Day 2 - PostScript - Danger Ahead
HITB2012AMS Day 1 - Window Shopping
HITB2012AMS Day 1 - One Flew Over The Cuckoos Nest
HITB2012AMS Day 1 - WinRT The Metro-politan Museum of Security
HITB2012AMS Day 1 - Intro and Keynote
Hack In The Box Amsterdam 2012 - Preview
BlackHat EU 2012 - Day 3
BlackHat EU 2012 - Day 2
Corelan T-Shirt Contest - Derbycon 2011
ROP your way into B-Sides Las Vegas 2011
Honeynet Workshop 2011
BlackHat Europe 2011 / Day 02
BlackHat Europe 2011 / Day 01
Blackhat Europe 2010 Barcelona - Day 10
Blackhat Europe 2010 Barcelona - Day 01
Corelan Free Tools
EncFSGui - GUI Wrapper around encfs for OSX
Jingle BOFs, Jingle ROPs, Sploiting all the things... with Mona v2 !!
Script to backup Cisco switches via telnet / tftp
Fuzzing with Metasploit : Simple FTP fuzzer
Free tool : Find out where your AD Users are logged on into
Exchange 2007/2010 : Renaming attachments ‘on the fly’ - custom transport agent
Free tool : Windows 2003/2008 Certificate Authority Certificate List Utility for pending requests and about-to-expire certificates
Nessus/OpenVAS wrapper for ike-scan
Monitoring your network with Powershell
Free tool - PVE TCP Ping Utility – v1.0.0.1
Free Tool - Cisco Ironport C350 Safelist / Blocklist merge utility
Free tool - Attachment filtering with Exchange 2007/2010 (custom transport agent)
Free Tool - Exchange 2007 Outbound SMTP gateway redundancy
Free tool – PVE Active Directory Disable Users
Crypto
EncFSGui - GUI Wrapper around encfs for OSX
Debugging
Root Cause Analysis – Integer Overflows
Heap Layout Visualization with mona.py and WinDBG
Root Cause Analysis – Memory Corruption Vulnerabilities
Jingle BOFs, Jingle ROPs, Sploiting all the things... with Mona v2 !!
Debugging Fun - Putting a process to sleep()
HITB 2011 CTF - Reversing Vectored Exception Handling (VEH)
Codegate 2011 CTF - Binary200 - Anti Debugging Techniques Explained
Anti-debugging tricks revealed - Defcon CTF Qualifications 2009: Bin300 Analysis
Starting to write Immunity Debugger PyCommands : my cheatsheet
Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development
Development
Jingle BOFs, Jingle ROPs, Sploiting all the things... with Mona v2 !!
Starting to write Immunity Debugger PyCommands : my cheatsheet
MS Exchange
Exchange 2007/2010 : Renaming attachments ‘on the fly’ - custom transport agent
Free tool - Attachment filtering with Exchange 2007/2010 (custom transport agent)
Free Tool - Exchange 2007 Outbound SMTP gateway redundancy
Exploit Writing Tutorials
Windows 10 x86/wow64 Userland heap
Root Cause Analysis – Integer Overflows
DEPS - Precise Heap Spray on Firefox and IE10
Heap Layout Visualization with mona.py and WinDBG
Root Cause Analysis – Memory Corruption Vulnerabilities
Jingle BOFs, Jingle ROPs, Sploiting all the things... with Mona v2 !!
Debugging Fun - Putting a process to sleep()
Exploit writing tutorial part 11 : Heap Spraying Demystified
WoW64 Egghunter
Universal DEP/ASLR bypass with msvcr71.dll and mona.py
Hack Notes : Ropping eggs for breakfast
Hack Notes : ROP retn+offset and impact on stack setup
Exploit writing tutorial part 10 : Chaining DEP with ROP - the Rubik's[TM] Cube
Exploiting Ken Ward Zipper : Taking advantage of payload conversion
Ken Ward Zipper exploit write-up on abysssec.com
QuickZip exploit article part 2 released on OffSec Blog
Exploit writing tutorial part 9 : Introduction to Win32 shellcoding
Starting to write Immunity Debugger PyCommands : my cheatsheet
Exploit writing tutorial part 8 : Win32 Egg Hunting
Exploit writing tutorial part 7 : Unicode - from 0x00410041 to calc
Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR
Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development
Exploit writing tutorial part 4 : From Exploit to Metasploit - The basics
Exploit writing tutorial part 3b : SEH Based Exploits - just another example
Exploit writing tutorial part 3 : SEH Based Exploits
Exploit writing tutorial part 2 : Stack Based Overflows - jumping to shellcode
Exploit writing tutorial part 1 : Stack Based Overflows
Exploits
DEPS - Precise Heap Spray on Firefox and IE10
Heap Layout Visualization with mona.py and WinDBG
Root Cause Analysis – Memory Corruption Vulnerabilities
Jingle BOFs, Jingle ROPs, Sploiting all the things... with Mona v2 !!
Metasploit Bounty - the Good, the Bad and the Ugly
Universal DEP/ASLR bypass with msvcr71.dll and mona.py
Hack Notes : Ropping eggs for breakfast
Hack Notes : ROP retn+offset and impact on stack setup
The Honeypot Incident - How strong is your UF (Reversing FU)
Death of an ftp client / Birth of Metasploit modules
Exploit writing tutorial part 10 : Chaining DEP with ROP - the Rubik's[TM] Cube
Exploiting Ken Ward Zipper : Taking advantage of payload conversion
Ken Ward Zipper exploit write-up on abysssec.com
Exploit writing tutorial part 8 : Win32 Egg Hunting
Exploit writing tutorial part 7 : Unicode - from 0x00410041 to calc
Fuzzing with Metasploit : Simple FTP fuzzer
Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR
Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development
Exploit writing tutorial part 4 : From Exploit to Metasploit - The basics
Exploit writing tutorial part 3b : SEH Based Exploits - just another example
Exploit writing tutorial part 3 : SEH Based Exploits
Exploit writing tutorial part 2 : Stack Based Overflows - jumping to shellcode
Exploit writing tutorial part 1 : Stack Based Overflows
Fuzzing
Root Cause Analysis – Memory Corruption Vulnerabilities
In Memory Fuzzing
Linux and Unix
Cheat sheet : Installing Snorby 2.2 with Apache2 and Suricata with Barnyard2 on Ubuntu 10.x
Nessus/OpenVAS wrapper for ike-scan
Malware and Reversing
Using DBI for solving Reverse Engineering 101 – Newbie Contest from eLearnSecurity
Reversing 101 - Solving a protection scheme
Debugging Fun - Putting a process to sleep()
Many roads to IAT
HITB 2011 CTF - Reversing Vectored Exception Handling (VEH)
Honeynet Workshop 2011
Codegate 2011 CTF - Binary200 - Anti Debugging Techniques Explained
Anti-debugging tricks revealed - Defcon CTF Qualifications 2009: Bin300 Analysis
The Honeypot Incident - How strong is your UF (Reversing FU)
mona
Heap Layout Visualization with mona.py and WinDBG
Networking
Cheat sheet : Installing Snorby 2.2 with Apache2 and Suricata with Barnyard2 on Ubuntu 10.x
Script to backup Cisco switches via telnet / tftp
Nessus/OpenVAS wrapper for ike-scan
Monitoring your network with Powershell
Free tool - PVE TCP Ping Utility – v1.0.0.1
Free Tool - Cisco Ironport C350 Safelist / Blocklist merge utility
Cisco switch IOS cheat sheet
Free Tool - Exchange 2007 Outbound SMTP gateway redundancy
Pentesting
Pastenum - Pastebin/pastie enumeration tool
Powershell
Monitoring your network with Powershell
Root Cause Analysis
Root Cause Analysis – Integer Overflows
Root Cause Analysis – Memory Corruption Vulnerabilities
Scripts
EncFSGui - GUI Wrapper around encfs for OSX
Jingle BOFs, Jingle ROPs, Sploiting all the things... with Mona v2 !!
Pastenum - Pastebin/pastie enumeration tool
Starting to write Immunity Debugger PyCommands : my cheatsheet
Backup & Restore Windows Server based Print Servers
Script to backup Cisco switches via telnet / tftp
Fuzzing with Metasploit : Simple FTP fuzzer
Free tool : Find out where your AD Users are logged on into
Security
EncFSGui - GUI Wrapper around encfs for OSX
DEPS - Precise Heap Spray on Firefox and IE10
Heap Layout Visualization with mona.py and WinDBG
Debugging Fun - Putting a process to sleep()
Exploit writing tutorial part 11 : Heap Spraying Demystified
WoW64 Egghunter
Metasploit Bounty - the Good, the Bad and the Ugly
Universal DEP/ASLR bypass with msvcr71.dll and mona.py
HITB 2011 CTF - Reversing Vectored Exception Handling (VEH)
Honeynet Workshop 2011
Pastenum - Pastebin/pastie enumeration tool
BlackHat Europe 2011 / Day 02
BlackHat Europe 2011 / Day 01
Codegate 2011 CTF - Binary200 - Anti Debugging Techniques Explained
Cheat sheet : Installing Snorby 2.2 with Apache2 and Suricata with Barnyard2 on Ubuntu 10.x
Anti-debugging tricks revealed - Defcon CTF Qualifications 2009: Bin300 Analysis
Hack Notes : ROP retn+offset and impact on stack setup
The Honeypot Incident - How strong is your UF (Reversing FU)
Death of an ftp client / Birth of Metasploit modules
Cisco VoIP Phones – A Hackers Perspective
WATOBO – the unofficial manual
Exploit writing tutorial part 10 : Chaining DEP with ROP - the Rubik's[TM] Cube
Blackhat Europe 2010 Barcelona - Day 10
Blackhat Europe 2010 Barcelona - Day 01
Exploiting Ken Ward Zipper : Taking advantage of payload conversion
Ken Ward Zipper exploit write-up on abysssec.com
QuickZip exploit article part 2 released on OffSec Blog
Exploit writing tutorial part 9 : Introduction to Win32 shellcoding
Starting to write Immunity Debugger PyCommands : my cheatsheet
Exploit writing tutorial part 8 : Win32 Egg Hunting
Exploit writing tutorial part 7 : Unicode - from 0x00410041 to calc
Fuzzing with Metasploit : Simple FTP fuzzer
Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR
Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development
Exploit writing tutorial part 4 : From Exploit to Metasploit - The basics
Exploit writing tutorial part 3b : SEH Based Exploits - just another example
Exploit writing tutorial part 3 : SEH Based Exploits
Exploit writing tutorial part 2 : Stack Based Overflows - jumping to shellcode
Exploit writing tutorial part 1 : Stack Based Overflows
Free tool : Find out where your AD Users are logged on into
Free tool : Windows 2003/2008 Certificate Authority Certificate List Utility for pending requests and about-to-expire certificates
Nessus/OpenVAS wrapper for ike-scan
Free Tool - Cisco Ironport C350 Safelist / Blocklist merge utility
Free tool - Attachment filtering with Exchange 2007/2010 (custom transport agent)
Free tool – PVE Active Directory Disable Users
Papers
Cheat sheet : Installing Snorby 2.2 with Apache2 and Suricata with Barnyard2 on Ubuntu 10.x
Cisco VoIP Phones – A Hackers Perspective
WATOBO – the unofficial manual
Tools
DEPS - Precise Heap Spray on Firefox and IE10
Heap Layout Visualization with mona.py and WinDBG
Uncategorized
BlackHatEU2013 - Day2 - The Sandbox Roulette: Are you ready to ramble
Debugging Fun - Putting a process to sleep()
WoW64 Egghunter
HITB 2011 CTF - Reversing Vectored Exception Handling (VEH)
Honeynet Workshop 2011
Video
Codegate 2011 CTF - Binary200 - Anti Debugging Techniques Explained
Anti-debugging tricks revealed - Defcon CTF Qualifications 2009: Bin300 Analysis
Web Application Security
WATOBO – the unofficial manual
Windows Internals
Windows 10 x86/wow64 Userland heap
Windows Server
Backup & Restore Windows Server based Print Servers
Free tool : Windows 2003/2008 Certificate Authority Certificate List Utility for pending requests and about-to-expire certificates
Tags:
Sitemap →
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
Statistics
The technical storage or access that is used exclusively for statistical purposes.
The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options
Manage services
Manage {vendor_count} vendors
Read more about these purposes
Accept
Deny
View preferences
Save preferences
View preferences
{title}
{title}
{title}
Manage consent
Subscribe
