Corelan Research

Two decades of exploit development research, techniques, and knowledge — shared openly and for free with the community.

All articles:

 Codegate 2011 CTF - Binary200 - Anti Debugging Techniques Explained

Aloha, Again I stumbled upon a nice reverse-me, binary200 from the Codegate 2011 CTF. And again there are some really interesting anti-debugging …

 Cheat sheet : Installing Snorby 2.2 with Apache2 and Suricata with Barnyard2 on Ubuntu 10.x

After spending a few hours fighting a battle against Snorby and Apache2 + Passenger, I finally managed to get it to run properly on my Ubuntu 10.x …

 Anti-debugging tricks revealed - Defcon CTF Qualifications 2009: Bin300 Analysis

A while ago I stumbled upon an awesome write-up of a very nice CTF challenge created by sapheads: http://hackerschool.org/DefconCTF/17/B300.html I …

 The Honeypot Incident - How strong is your UF (Reversing FU)

Interested in capturing, documenting and analyzing scans and malicious activity, Corelan Team decided to set up a honeypot and put it online. In the …

 Hack Notes : ROP retn+offset and impact on stack setup

Yesterday, sickn3ss (one of the frequent visitors of the #corelan channel on freenode IRC) posted a really interesting question. The question …

 Case Study: SolarWinds Orion (video)

Special Thanks: To my wife for putting up with my crap. Also SolarWinds for keeping an open communication while fixing the issue. And of course... …

Corelan Research is a long-running cybersecurity research project focused on exploit development, vulnerability research and Windows internals.
Since 2009, we have published deep technical tutorials covering topics such as stack-based exploitation, heap exploitation, shellcoding, reverse engineering and debugging.
These tutorials have helped thousands of security researchers, penetration testers, exploit developers and exploit dev trainers learn how modern memory corruption vulnerabilities work.