File name: ctf all in one
  Category: System security
  Development tool:
  File size: 22mb
  Downloads: 0
  Upload time: 2019-04-19
  Provider: qq_43******
 Detailed description: Covers essentially all of the basic knowledge that CTF touches on. It is an introductory guidebook for CTF enthusiasts that helps with understanding some basic concepts, the basic operation of commonly used software, and some of the thinking of challenge authors.

 Table of contents (as extracted; the listing starts partway through Part II):

  2.3.3 x64dbg
  2.3.4 WinDbg
  2.3.5 LLDB
  Other tools
  2.4.1 pwntools
  2.4.2 zio
  2.4.3 metasploit
  2.4.4 binwalk
  2.4.5 Burp Suite
  2.4.6 Wireshark
  2.4.7 Cuckoo Sandbox

 Topics by category

  Pwn
  3.1.1 Format string vulnerabilities
  3.1.2 Integer overflow
  3.1.3 Stack overflow
  3.1.4 Return-oriented programming (ROP) (x86)
  3.1.5 Return-oriented programming (ROP) (ARM)
  3.1.6 Linux heap exploitation (1)
  3.1.7 Linux heap exploitation (2)
  3.1.8 Linux heap exploitation (3)
  3.1.9 Linux heap exploitation (4)
  3.1.10 Kernel ROP
  3.1.11 Linux kernel exploitation
  3.1.12 Windows kernel exploitation
  3.1.13 Race conditions
  3.1.14 Virtual machine escape

  Reverse
  3.2.1 Patching binaries
  3.2.2 Unpacking techniques (PE)
  3.2.3 Unpacking techniques (ELF)
  3.2.4 Anti-debugging techniques (PE)
  3.2.5 Anti-debugging techniques (ELF)
  3.2.6 Instruction obfuscation

  3.3.1 SQL injection exploitation
  3.3.2 XSS exploitation

  Crypto
  Misc
  Mobile

 Part IV: Techniques

  4.1 Linux kernel debugging
  4.2 Linux command-line tips
  4.3 GCC compile options explained
  4.4 GCC stack protection
  4.5 ROP defenses
  4.6 one-gadget RCE
  4.7 Universal gadgets
  4.8 Leaking function addresses with DynELF
  4.9 Shellcode development
  4.10 Jump-oriented programming (JOP)
  4.11
  4.12 Exploiting __stack_chk_fail
  4.13 Exploiting the _IO_FILE structure
  4.14 glibc tcache mechanism
  4.15 Exploiting vsyscall and vDSO

 Part V: Advanced

  5.0 Software vulnerability analysis
  5.1 Fuzzing
  5.1.1 AFL fuzzer
  5.1.2 libFuzzer
  5.2 Dynamic binary instrumentation
  5.2.1 Pin
  5.2.2 DynamoRio
  5.2.3 Valgrind
  5.3 Symbolic execution
  5.3.1 angr
  5.3.2 Triton
  5.3.3 KLEE
  5.3.4 S2E
  5.4 Data-flow analysis
  5.4.1 Soot
  5.5 Taint analysis
  5.5.1 TaintCheck
  5.6 LLVM
  5.6.1 Clang
  5.7 Program slicing
  5.8 SAT/SMT
  5.8.1 Z3
  5.9 Pattern-based vulnerability analysis
  5.10 Vulnerability analysis based on binary diffing
  5.11 Decompilation
  5.11.1 RetDec

 Part VI: Write-ups

  Pwn
  6.1.1 pwn HCTF2016 brop
  6.1.2 pwn NJCTF2017 pingme
  6.1.3 pwn XDCTF2015 pwn200
  6.1.4 pwn BackdoorCTF 2017 Fun-Signals
  6.1.5 pwn GreHackCTF2017 beerfighter
  6.1.6 pwn DefconCTF2015 fuckup
  6.1.7 pwn 0CTF2015 freenote
  6.1.8 pwn DCTF2017 Flex
  6.1.9 pwn RHme3 Exploitation
  6.1.10 pwn 0CTF2017 BabyHeap2017
  6.1.11 pwn 9447CTF2015 Search-Engine
  6.1.12 pwn N1CTF2018 vote
  6.1.13 pwn 34C3CTF2017 readme revenge
  6.1.14 pwn 32C3CTF2015 readme
  6.1.15 pwn 34C3CTF2017 SimpleGC
  6.1.16 pwn HITBCTF2017 1000levels
  6.1.17 pwn SECCONCTF2016 jmper
  6.1.18 pwn HITBCTF2017 Sentosa
  6.1.19 pwn HITBCTF2018 gundam
  6.1.20 pwn 33C3CTF2016 babyfengshui
  6.1.21 pwn HITCONCTF2016 Secret Holder
  6.1.22 pwn HITCONCTF2016 Sleepy_Holder
  6.1.23 pwn BCTF2016 cloud
  6.1.24 pwn HITCONCTF2016 House of Orange
  6.1.25 pwn HCTF2017 babyprintf
  6.1.26 pwn 34C3CTF2017 300
  6.1.27 pwn SECCONCTF2016 tinypad
  6.1.28 pwn ASISCTF2016 b00ks
  6.1.29 pwn Insomni hack teaserCTF2017 The Great Escape part 3
  6.1.30 pwn HITCONCTF2017 Ghost in the heap
  6.1.31 pwn HITBCTF2018 mutepig
  6.1.32 pwn SECCONCTF2017 vm no fun
  6.1.33 pwn 34C3CTF2017 LFA
  6.1.34 pwn N1CTF2018 memsafety
  6.1.35 pwn 0CTF2018 heapstorm2

  Reverse
  6.2.1 re XHPCTF2017 dont panic
  6.2.2 re ECTF2016 tayy
  6.2.3 re CodegateCTF2017 angrybird
  6.2.4 re CSAWCTF2015 wyvern
  6.2.5 re PicoCTF2014 Baleful
  6.2.6 re SECCONCTF2017 printf machine
  6.2.7 re CodegateCTF2018 RedVelvet
  6.2.8 re DefcampCTF2015 entry language

  Web
  6.3.1 web HCTF2017 babycrack

  Crypto
  Misc
  Mobile

 Part VII: Real-world practice

  CVE
  7.1.1 CVE-2017-11543 tcpdump sliplink_print stack overflow vulnerability
  7.1.2 CVE-2015-0235 glibc __nss_hostname_digits_dots heap overflow vulnerability
  7.1.3 CVE-2016-4971 wget arbitrary file upload vulnerability
  7.1.4 CVE-2017-13089 wget skip_short_body stack overflow vulnerability
  7.1.5 CVE-2018-1000001 glibc realpath buffer underflow vulnerability
  7.1.6 CVE-2017-9430 DNSTracer stack overflow vulnerability
  7.1.7 CVE-2018-6323 GNU binutils elf_object_p integer overflow vulnerability
  7.1.8 CVE-2010-2883 Adobe CoolType SING table stack overflow vulnerability
  7.1.9 CVE-2010-3333 Microsoft Word RTF pFragments overflow vulnerability

  Malware

 Part VIII: Academic papers

  8.1 The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)
  8.2 Return-Oriented Programming without Returns
  8.3 Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms
  8.4 ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks
  8.5 Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks
  8.6 Hacking Blind
  8.7 What Cannot Be Read, Cannot Be Leveraged? Revisiting Assumptions of JIT-ROP Defenses
  8.8 All You Ever Wanted to Know About Dynamic Taint Analysis and Forward Symbolic Execution (but might have been afraid to ask)
  8.9 Symbolic Execution for Software Testing: Three Decades Later
  8.10 AEG: Automatic Exploit Generation
  8.11 Address Space Layout Permutation (ASLP): Towards Fine-Grained Randomization of Commodity Software
  8.12 ASLR on the Line: Practical Cache Attacks on the MMU
  8.13 New Frontiers of Reverse Engineering
  8.14 Who Allocated My Memory? Detecting Custom Memory Allocators in C Binaries
  8.15 EMULATOR VS REAL PHONE: Android Malware Detection Using Machine Learning
  8.16 DynaLog: An automated dynamic analysis framework for characterizing Android applications
  8.17 A Static Android Malware Detection Based on Actual Used Permissions Combination and API Calls
  8.18 MaMaDroid: Detecting Android malware by building Markov chains of behavioral models
  8.19 DroidNative: Semantic-Based Detection of Android Native Code Malware
  8.20 DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware
  8.21 Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks
  8.22 Practical Memory Checking With Dr. Memory
  8.23 Evaluating the Effectiveness of Current Anti-ROP Defenses
  8.24 How to Make ASLR Win the Clone Wars: Runtime Re-Randomization
  8.25 (State of) The Art of War: Offensive Techniques in Binary Analysis
  8.26 Driller: Augmenting Fuzzing Through Selective Symbolic Execution
  8.27 Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware
  8.28 Cross-Architecture Bug Search in Binary Executables
  8.29 Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data
  8.30 Preventing brute force attacks against stack canary protection on networking servers
  8.31 WYSINWYX: What You See Is Not What You eXecute
  8.32 Unleashing MAYHEM on Binary Code
  8.33 Under-Constrained Symbolic Execution: Correctness Checking for Real Code
  8.34 Enhancing Symbolic Execution with Veritesting
  8.35 Q: Exploit Hardening Made Easy
  8.36 A Survey of Symbolic Execution Techniques
  8.37 CUTE: A Concolic Unit Testing Engine for C
  8.38 TaintEraser: Protecting Sensitive Data Leaks Using Application Level Taint Tracking
  8.39 DART: Directed Automated Random Testing
  8.40 EXE: Automatically Generating Inputs of Death
  8.41 IntPatch: Automatically Fix Integer-Overflow-to-Buffer-Overflow Vulnerability at Compile-Time
  8.42 Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software
  8.43 DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation
  8.44 Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics
  8.45 Ramblr: Making Reassembly Great Again
  8.46 FreeGuard: A Faster Secure Heap Allocator
  8.47 Jump-Oriented Programming: A New Class of Code-Reuse Attack
  8.48 Reassembleable Disassembling
  8.49 Understanding Integer Overflow in C/C++

 Part IX: Appendix

  9.1 More Linux tools
  9.2 More Windows tools
  9.3 More resources
  9.4 Linux system call table
  9.5 Slides