1. WinDbg
  2. Mona 2
  3. Structure Exception Handling (SEH)
  4. Heap
  5. Windows Basics
  6. Shellcode
  7. Exploitme1 (ret eip overwrite)
  8. Exploitme2 (Stack cookies & SEH)
  9. Exploitme3 (DEP)
  10. Exploitme4 (ASLR)
  11. Exploitme5 (Heap Spraying & UAF)
  12. EMET 5.2
  13. Internet Explorer 10
    1. Reverse Engineering IE
    2. From one-byte-write to full process space read/write
    3. God Mode (1)
    4. God Mode (2)
    5. Use-After-Free bug
  14. Internet Explorer 11
    1. Part 1
    2. Part 2
The following two tabs change content below.

Massimiliano Tomassoli

Computer scientist, software developer, reverse engineer and student of computer security (+ piano player & music composer)

Latest posts by Massimiliano Tomassoli (see all)

Leave a Reply

31 Comments on "Contents"

Notify of

Sort by:   newest | oldest | most voted
1 year 4 months ago

Lots of great info, Mr. Tomassoli! My question is, should we have experience in Windows software development/debugging before doing this? I have knowledge of Assembly and C, but not a whole lot. I’m having a hard time trying to figure out where to start with all this. Thanks.


[…] este caso, el material liberado (no es un curso universitario) nos abre las puertas al desarrollo de exploits en Windows 7 SP1 […]

Mauricio Galindo
1 year 6 months ago

Hi Massimiliano,
Thanks for you awesome tutorial, I have a question, how did you come up with the value of multiplier as 168 bytes ? i did not get it like how to calculate it, 4 (PTR), 4 (PARAM), 40*4(RESERVED) = 168 bytes ?

2 years 23 days ago

Hi, Massimiliano.

I’m write now from Mexico, and I need to say you the link of the book indicates malware by Bitdeffender, in my browse Iceweasel.

Thanks for your work.

2 years 23 days ago

Very Good
– Fruidz