Awesome-Vulnerability-Research

Vulnerability research resource

A curated list of resources to help researchers and developers discover and analyze vulnerabilities in software.

🦄 A curated list of awesome resources about vulnerability research

Awesome Vulnerability Research / Contributing

Use the standard method of forking this repo, making your changes and doing a pull request to have your content added. Please check the for more details
Occasionally, if you just want to copy/paste your content, I'll take that too! Create an "Issue" with your suggestions and I will add it for you

Awesome Vulnerability Research / Advisories / Articles

Super Awesome Fuzzing, Part One by and Eero Kurimo, 2017
From Fuzzing Apache httpd Server to CVE-2017-7668 and a $1500 Bounty by Javier Jiménez, 2017
Root cause analysis of integer flow by , 2013

Awesome Vulnerability Research / Advisories / Books

The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities 🌟 - by Mark Dowd, John McDonald, Justin Schuh - published 2006, ISBN-13: 978-0321444424 / ISBN-10: 9780321444424
The Shellcoder's Handbook: Discovering and Exploiting Security Holes 🌟 - by Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte - published 2007, 2nd Edition, ISBN-13: 978-0470080238 / ISBN-10: 047008023X

Awesome Vulnerability Research / Advisories / Classes

Advanced Windows Exploitation (AWE) by Offensive Security with complementary OSEE (Offensive Security Exploitation Expert) Certification
Cracking The Perimeter (CTP) by Offensive Security, with complementary OSCE (Offensive Security Certified Expert) Certification
Modern Binary Exploitation (CSCI 4968) 🎁 - by RPISEC at Rensselaer Polytechnic Institute in Spring 2015. This was a university course developed and run solely by students to teach skills in vulnerability research, reverse engineering, and binary exploitation
Software Security Course on Coursera by University of Maryland
Offensive Computer Security by W. Owen Redwood and Prof. Xiuwen Liu

Awesome Vulnerability Research / Advisories / Conferences

DEF CON 🌟 - Las Vegas, NV, USA
Black Hat - Las Vegas, NV, USA
Black Hat Europe - London, UK // 🔥 Join this year on !
Black Hat Asia - Singapore
BSides 🎁 - Worldwide
BruCON - Brussels, Belgium
Chaos Communication Congress (CCC) 🌟 - Hamburg, Germany
Code Blue - Tokyo, Japan
Nullcon - Goa, India
44CON - London, UK
AppSecUSA - Washington DC
OWASP AppSec EU - Europewide
Positive Hack Days - Moscow, Russia
ZeroNights 🌟 - Moscow, Russia
WarCon 🌟 - Warsaw, Poland

Awesome Vulnerability Research / Advisories / Conference talks

Vulnerabilities 101: How to Launch or Improve Your Vulnerability Research Game 🌟 - by and at 24, 2016
Writing Vulnerability Reports that Maximize Your Bounty Payouts by , originally presented at , 2016
Browser Bug Hunting: Memoirs of a Last Man Standing, by , presented at , 2013

Awesome Vulnerability Research / Advisories / Intentionally vulnerable packages

HackSys Extreme Vulnerable Windows Driver

Awesome Vulnerability Research / Advisories / Presentations

Vulnerabilities 101: How to Launch or Improve Your Vulnerability Research Game [PDF] 🌟 - by and at 24, 2016
Effective File Format Fuzzing [PDF] 🌟 - by presented at , 2016
Bootstrapping A Security Research Project [PDF] or - by at SOURCE Boston, 2016
Bug Hunting with Static Code Analysis [PDF] by Nick Jones, MWR Labs, 2016

Awesome Vulnerability Research / Advisories / Relevant Standards

CVE - Common Vulnerabilities and Exposures, maintained by the
CWE - Common Weakness Enumeration, maintained by the
CVSS - Common Vulnerability Scoring System, maintained by
ISO/IEC 29147:2014 💰 - Vulnerability Disclosure Standard
RFPolicy 2.0 - Full Disclosure Policy (RFPolicy) v2.0 by

Awesome Vulnerability Research / Advisories / Research Papers

TSIG Authentication Bypass Through Signature Forgery in ISC BIND [PDF] 🔥 - Clément BERTHAUX, Synacktiv,
Taking Windows 10 Kernel Exploitation to the Next Level – Leveraging WRITE-WHAT-WHERE Vulnerabilities in Creators Update [PDF] 🔥 - , originally presented at 2017

Awesome Vulnerability Research / Advisories / Tools and Projects

Windbg - The preferred debugger by exploit writers
ltrace - Intercepts library calls
ansvif - An advanced cross platform fuzzing framework designed to find vulnerabilities in C/C++ code
Metasploit Framework - A framework which contains some fuzzing capabilities via Auxiliary modules
Spike - A fuzzer development framework like Sulley, a predecessor of Sulley
Google Sanitizers - A repo with extended documentation, bugs and some helper code for the AddressSanitizer, MemorySanitizer, ThreadSanitizer, LeakSanitizer. The actual code resides in the repository
FLARE VM 🔥 - FLARE (FireEye Labs Advanced Reverse Engineering), a fully customizable, Windows-based security distribution for malware analysis, incident response, penetration testing, etc.
hackers-grep - The hackers-grep is a tool that enables you to search for strings in PE files. The tool is capable of searching strings, imports, exports, and public symbols (like woah) using regular expressions
Grinder - Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes
Choronzon - An evolutionary knowledge-based fuzzer
boofuzz - A fork and successor of the Sulley framework

Awesome Vulnerability Research / Advisories / Vendor's bug databases

Google Chrome issue tracker - The Chromium Project

Awesome Vulnerability Research / Advisories / Websites

Corelan Team
FuzzySecurity by
Fuzzing Blogs by fuzzing.info
j00ru//vx tech blog 🌟 - Coding, reverse engineering, OS internals covered one more time

Awesome Vulnerability Research / Advisories / Who to Follow

(join now) 🌟 Security Champions
FuzzySecurity
jksecurity
MortenSchenk
(@thegrugq) the grugq
(@jduck) 🌟 Joshua Drake
(@sushidude) 🌟 Steve Christey Coley
(@andrewsmhay) Andrew M. Hay
(@FuzzySec) b33f
(@timstrazz) Tim Strazzere
(@wpawlikowski) Wojciech Pawlikowski
(@attekett) Atte Kettunen
(@h0wlu) Pawel Wylecial
(@antisnatchor) Hooked Browser
(@Kym_Possible) Kymberlee Price
(@MichalKoczwara) Michael Koczwara
(@j00ru) Mateusz Jurczyk
(@ProjectZeroBugs) Project Zero Bugs - Checks for new bug reports every 10 minutes. Not affiliated with Google
(@HackwithGithub) Hack with GitHub - Open source hacking tools for hackers and pentesters

Awesome Vulnerability Research / Coordinated Disclosure

SecuriTeam Secure Disclosure (SSD) - SSD provides the support you need to turn your experience uncovering security vulnerabilities into a highly paid career. SSD was designed by researchers, for researchers and will give you the fast response and great support you need to make top dollar for your discoveries
The Zero Day Initiative (ZDI) - ZDI, originally founded by TippingPoint, is a program for rewarding security researchers for responsibly disclosing vulnerabilities. Currently managed by Trend Micro

Awesome Vulnerability Research / Common Lists / Awesome Lists

Awesome AppSec - A curated list of resources for learning about application security. Contains books, websites, blog posts, and self-assessment quizzes
Awesome Web Security - A curated list of Web Security materials and resources
Awesome Fuzzing - A curated list of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis

Awesome Vulnerability Research / Common Lists / Other Lists

Hack with Github - Open source hacking tools for hackers and pentesters
Movies for Hackers - A list of movies every cyberpunk must watch
SecLists - SecLists is the security tester's companion

Awesome Vulnerability Research / Thanks

(@jduck) Joshua Drake and Steve Christey Coley for the inspiration!
And sure everyone of you, who has sent the pull requests or a link to add here!