Posts
Learn Kernel Heap Cross Page Overwrite and Page Level Fengshui from a CTF challenge: IPS(VULNCON 2021)
Learn Kernel Heap Freelist Hijacking from a CTF challenge: IPS(VULNCON 2021)
Kernel: Compute Slab Order from Object Size
Understanding Linux x86-64 Paging: How to get the physical address from a virtual address
Learn msg_msg-Kernel-Exploitation from a CTF challenge: IPS(VULNCON 2021)
Introduction of Microarchitecture Exploitation
Kernel Pwn: How to compile Kernel Module?
Why is it so slow to debug kernel pwn challenges on WSL?
Inline Assembly for C
A New Format String Skill and Write-Up for HITCON 23: Wall Sina
Qemu Userspace Debugging
[JustCTF-2023] Tic Tac PWN!
[JustCTF-2023] notabug
[DEF CON Qual-2023] Write-Up
[LACTF-2023] Write-Up for Pwn Challenges
[CSAW'22 Qual] My Pwn Challenges
Google CTF 2022 S2: Escape from Google's Monitoring
Guide-of-Seccomp-in-CTF
Introduction of Kernel Pwn: userfaultfd
Introduction of Kernel Pwn: Double Fetch
Introduction of Kernel Pwn: UAF
Introduction of Kernel Pwn: Stack Overflow
XV6: Syscall and Scheduler
XV6: The Boot Procedure
Limit and Pwn the Processes: sbnote in zer0pts CTF 2022
XV6: How to write a shell
Communication of Processes in Linux - Isolated
Who Moved My Block-Real World Stack Overflow
Address Sanitize Intro
V8 OOB
0CTF/TCTF 2021 NaiveHeap
Virtual Machine Escaping:VM note
0CTF/TCTF 2021
Off By Half Byte:Baby-Dairy
How do free&malloc work
Punch Man
Qwb2021
Ret2dlresolve
Re-alloc-Revenge
CISCN2021
Setcontext
New_Features_In_Glibc-2.29
Re-alloc
Android_Cheatsheet
App_Hook_in_CTF
Cryptoals_S1
Attack_on_AES_CBC
Extract_Firmware
mips-environ
Driller2
Driller
Fuzz-AFL
Papers-Fuzzing
FuzzingPaper
Tcache stashing unlink atk
Driller_Installation
angr_AEG
codegate_2017:angrybird
Angr_Examples_Baby_re
Angr_Examples
twctf_2018_bbq
TokyoWesterns2019:asterisk_alloc
Blind Pwn
ONEPUNCH
UAF With Out One_gadget
Abyss
Outset_OF_LLVM
ByteCTF
TokyoWesterns_2019:SecureKart
Mimic
OFF-BY-ONE:TYPICAL
curse_note
Passby chunk-size limit
IO
SCTF2019
OFF_BY_ONE:2.2n
fbctf2019
RCTF2019_syscall_interface
Null
RCTF2019_shellcoder
RCTF2019_Babyheap
BUFFER
EXIT_HCTF2018_the_end
DCQ2019_speedrun1-5
DCQ2019_babyheap
Starctf2019_Heap_master
House Of Storm
Starctf2019_upxofcpp
Patch4Pwn
Starctf2019_Babyshell
Starctf2019_Blindpwn
Starctf2019_Girlfriend
Starctf2019 Quicksort
CISCN_2019_Qual
OFF_BY_ONE
Kanxuectf_2019_apwn
Westlake_2019
CandCPP
SROP_SMALLEST
0ctf2019_zer0task
Relro_Review
string&vector
House_of_force
House-of-Roman
House of Orange
House of Spirit
auxv:origin_of_canaries
mno2
pwnable-tw Trip
BCTF2018:house_of_atum
BCTF2018:three
IO_FILE:pwn_Stdout
Canary
GETS_THE_SHELL
NUCA:Steak
LCTF2018:Easy_heap
Hitcon:children_tcache
x86_stack_migration:Hack
Hitcon:baby_tcache
double free or corrupttion
Ubuntu16_Pwn_build_up
XCTF-final-2018-nobof
XCTF-final-2018:PU G
IO_FILE ALl_in_one
chall2-bank
Kamikaze
BABY OFFBYONE
Stack-Migaration-Over
Stack-Migaration
ROP TRAINING
Easy Coin:UAF
Partial_write-NoLeak
Hook_magic
Swap_return
Once_time
IO_FILE:_IO_buf_base
fast_bin_atk_note
QCTF-2018-Pwn-Wp
QCTF-2018-Web-Wp
QCTF_2018_Misc_Wp
Shellcode 's Magic
LOG for AD2018-6-16
startCTF 2018 Babystack :thread stack bypass canary
Relro!
How to compile a glibc
0CTF 2017 Easiestprintf
Basic Pwn train (stack)
basic fmtstr
static link
Debug With GDB
base64 encode / python
Kernel Notes
CheatCode
subscribe via RSS