Corelan Research

Two decades of exploit development research, techniques, and knowledge β€” shared openly and for free with the community.

Quick links:

πŸ“‘ Exploit Development 
tutorials

πŸŽ₯​ Exploit Development 
videos

πŸ“š Tutorials on Debugging

🧑 Support us

⭐️ Exploit Development training

All articles:

 Hack Notes : ROP retn+offset and impact on stack setup

corelanc0d3rJanuary 30, 2011

Yesterday, sickn3ss (one of the frequent visitors of the #corelan channel on freenode IRC) posted a really interesting question. The question …

​ Read More

 Case Study: SolarWinds Orion (video)

Corelan Team (Lincoln)December 14, 2010

Special Thanks: To my wife for putting up with my crap. Also SolarWinds for keeping an open communication while fixing the issue. And of course... …

​ Read More

 Malicious pdf analysis : from price.zip to flashplayer.exe

corelanc0d3rNovember 18, 2010
This morning, my generic attachment filter for MS Exchange reported that about 100 emails were put in quarantine because they contained a small zip …
​ Read More

 Offensive Security Exploit Weekend

Corelan Team (Sud0)November 13, 2010

Introduction I'm excited and honored to be able to announce that Sud0, one of our Corelan Team members, has won the Offensive Security Exploit …

​ Read More

 Metasploit module : HTTP Form field fuzzer

corelanc0d3rNovember 12, 2010

Introduction About a month after releasing an ftp client fuzzer module for Metasploit, I decided to release yet another fuzzer module I have been …

​ Read More

Corelan Research is a long-running cybersecurity research project focused on exploit development, vulnerability research and Windows internals.   Since 2009, we have published deep technical tutorials covering topics such as stack-based exploitation, heap exploitation, shellcoding, reverse engineering and debugging. 
These tutorials have helped thousands of security researchers, penetration testers, exploit developers and exploit dev trainers learn how modern memory corruption vulnerabilities work.