Collection of resources/tools/etc I thought might be useful for pwning. Hope it's useful!
note: the level of endorsement we're talking about for (most) of the courses/educational links here is "i saw it, thought it was cool, and found it in my bookmarks when writing this"
This is an eternal WIP; if you have anything you think would be useful that isn't already here you can contact me on discord @ sky#0004.
Collection of writeups, sorted and labelled.
ASU's Computer Systems Security (CSE466) course, available online. It's pretty solid and starts at a beginner level.
Good overview of a lot of introductory binary exploitation concepts; I used this as a reference for quite a while when I was first getting started.
Good blog post on the details behind GOT/PLT/relocations with a particular eye towards using it for binary exploitation.
"CTF framework and exploit development library"; unimaginably useful, and contains a very significant amount of functionality for solving (primarily pwn) CTF challenges.
GDB extension; adds a lot of generally useful commands but it'd be worth it just for the context TUI it adds
The NSA's reverse engineering tool -- it works very well and is free.
Used to correlate pointer offsets to libc versions; you provide it a set of symbols and their addresses and it will list libc versions which match. The hosted version is easier to use but may be missing recent or obscure versions.
Searches and lists "ROP gadgets" in a binary
Searches libc for a "one gadget" and lists constraints; these are single-shot addresses you can jump to and receive a shell if you match the constraint.
Dictionary of heap attacks & examples; I check this out every single time I see a heap challenge I don't know how to do.
Describes the locations of pointers from one part of memory to another part; useful if you can read memory and need to turn the location of one region into knowledge of other regions.