# security-paper

**Repository Path**: ifquant/security-paper

## Basic Information

- **Project Name**: security-paper
- **Description**: A collection of various security or computer materials (strongly related to my own interests)
- **Primary Language**: Unknown
- **License**: MIT
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 1
- **Forks**: 1
- **Created**: 2021-07-31
- **Last Updated**: 2023-08-25

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# Security Papers

**A collection of various security or computer materials (strongly related to my own interests). If anything here infringes your rights, please contact me and I will remove it.**

*book, manual, paper, blog, slides, report, course, survey, tool, online, video*

## Architecture

- *2014 manual* [ARM_Architecture_Reference_Manual_ARMv7-A_and_ARMv7-R_edition](Architecture/ARM_Architecture_Reference_Manual_ARMv7-A_and_ARMv7-R_edition)
- *2019 manual* [Arm_Architecture_Reference_Manual](Architecture/Arm_Architecture_Reference_Manual)
- *2019 manual* [Intel_64_and_IA-32_Architectures_Software_Developers_Manual](Architecture/Intel_64_and_IA-32_Architectures_Software_Developers_Manual)
- *2017 slides* [A_tour_of_the_ARM_architecture_and_its_Linux_support](Architecture/A_tour_of_the_ARM_architecture_and_its_Linux_support)

## Reverse Engineering

- *2005 book* [Reversing_Secrets_of_Reverse_Engineering](Reverse-Engineering/Reversing_Secrets_of_Reverse_Engineering)
- *2016 book* [anti-reverse-engineering-linux](Reverse-Engineering/anti-reverse-engineering-linux)
- *2016 paper* [An_In-Depth_Analysis_of_Disassembly_on_Full-Scale_x86x64_Binaries](Reverse-Engineering/An_In-Depth_Analysis_of_Disassembly_on_Full-Scale_x86x64_Binaries)
- *2018 slides* [Unpacking_for_Dummies](Reverse-Engineering/Unpacking_for_Dummies)
- *2019 book* [Reverse_Engineering_for_Beginners](Reverse-Engineering/Reverse_Engineering_for_Beginners)
- *2019 slides* [Three_Heads_Are_Better_Than_One_Mastering_NSAs_Ghidra_Reverse_Engineering_Tool](Reverse-Engineering/Three_Heads_Are_Better_Than_One_Mastering_NSAs_Ghidra_Reverse_Engineering_Tool)
- *2020 paper* [An_Observational_Investigation_of_Reverse_Engineers_Processes](Reverse-Engineering/An_Observational_Investigation_of_Reverse_Engineers_Processes)

## Program Analysis

- *2004 book* [Principles_of_Program_Analysis](Program-Analysis/Principles_of_Program_Analysis)
- *2005 paper* [WYSINWYX_What_You_See_Is_Not_What_You_eXecute](Program-Analysis/WYSINWYX_What_You_See_Is_Not_What_You_eXecute)
- *2007 paper* [CUTE_A_Concolic_Unit_Testing_Engine_for_C](Program-Analysis/CUTE_A_Concolic_Unit_Testing_Engine_for_C)
- *2010 paper* [All_You_Ever_Wanted_to_Know_About_Dynamic_Taint_Analysis_and_Forward_Symbolic_Execution-but_might_have_been_afraid_to_ask](Program-Analysis/All_You_Ever_Wanted_to_Know_About_Dynamic_Taint_Analysis_and_Forward_Symbolic_Execution-but_might_have_been_afraid_to_ask)
- *2012 paper* [Unleashing_MAYHEM_on_Binary_Code](Program-Analysis/Unleashing_MAYHEM_on_Binary_Code)
- *2016 paper* [SVF_Interprocedural_Static_Value-Flow_Analysis_in_LLVM](Program-Analysis/SVF_Interprocedural_Static_Value-Flow_Analysis_in_LLVM)
- *2018 paper* [A_Survey_of_Symbolic_Execution_Techniques](Program-Analysis/A_Survey_of_Symbolic_Execution_Techniques)
- *2018 slides* [Intro_to_Binary_Analysis_with_Z3_and_Angr](Program-Analysis/Intro_to_Binary_Analysis_with_Z3_and_Angr)
- *2018 slides* [The_NOT-SO-PROFITABLE_Path_Towards_Automated_Heap_Exploitation](Program-Analysis/The_NOT-SO-PROFITABLE_Path_Towards_Automated_Heap_Exploitation)
- *2018 slides* [Finding_security_vulnerabilities_with_modern_fuzzing_techniques](Program-Analysis/Finding_security_vulnerabilities_with_modern_fuzzing_techniques)
- *2019 book* [SAT-SMT_by_example](Program-Analysis/SAT-SMT_by_example)
- *2019 book* [Static_Program_Analysis](Program-Analysis/Static_Program_Analysis)

## Malware

- *2010 slides* [Malware-Analysis-Training](Malware/Malware-Analysis-Training)
- *2017 slides* [Dr_Honeypots](Malware/Dr_Honeypots)
- *2017 slides* [Digital_Vengeance_Exploiting_the_Most_Notorious_C&C_Toolkits](Malware/Digital_Vengeance_Exploiting_the_Most_Notorious_C&C_Toolkits)
- *2017 paper* [Understanding_the_Mirai_Botnet](Malware/Understanding_the_Mirai_Botnet)
- *2018 paper* [Understanding_Linux_Malware](Malware/Understanding_Linux_Malware)
- *2018 slides* [Modern Linux Malware Exposed](Malware/Modern_Linux_Malware_Exposed)
- *2018 slides* [Trojans_in_SS7-how_they_bypass_all_security_measures](Malware/Trojans_in_SS7-how_they_bypass_all_security_measures)
- *2019 slides* [Fileless_Malware_and_Process_Injection_in_Linux](Malware/Fileless_Malware_and_Process_Injection_in_Linux)

## Exploitation

- *1998 paper* [StackGuard_Automatic_Adaptive_Detection_and_Prevention_of_Buffer-Overflow_Attacks](Exploitation/StackGuard_Automatic_Adaptive_Detection_and_Prevention_of_Buffer-Overflow_Attacks)
- *2001 blog* [Exploiting_Format_String_Vulnerabilities](Exploitation/Exploiting_Format_String_Vulnerabilities)
- *2001 blog* [The_advanced_return-into-libc_exploits](Exploitation/The_advanced_return-into-libc_exploits)
- *2002 blog* [Advances_in_format_string_exploitation](Exploitation/Advances_in_format_string_exploitation)
- *2005 paper* [Control-Flow_Integrity_Principles_Implementations_and_Applications](Exploitation/Control-Flow_Integrity_Principles_Implementations_and_Applications)
- *2007 slides* [Understanding_the_heap_by_breaking_it](Exploitation/Understanding_the_heap_by_breaking_it)
- *2008 book* [Hacking-The_Art_of_Exploitation_2nd_Edition](Exploitation/Hacking-The_Art_of_Exploitation_2nd_Edition)
- *2009 paper* [Surgically_Returning_to_Randomized_libc](Exploitation/Surgically_Returning_to_Randomized_libc)
- *2009 blog* [MALLOC_DES-MALEFICARUM](Exploitation/MALLOC_DES-MALEFICARUM)
- *2010 paper* [G-Free_Defeating_Return-Oriented_Programming_through_Gadget-less_Binaries](Exploitation/G-Free_Defeating_Return-Oriented_Programming_through_Gadget-less_Binaries)
- ★★★☆☆ *2011 book* [0day Security: Software Vulnerability Analysis Techniques, 2nd Edition](Exploitation/0day安全-软件漏洞分析技术第2版)
- *2011 paper* [Q_Exploit_Hardening_Made_Easy](Exploitation/Q_Exploit_Hardening_Made_Easy)
- *2011 paper* [Jump-Oriented_Programming_A_New_Class_of_Code-Reuse_Attack](Exploitation/Jump-Oriented_Programming_A_New_Class_of_Code-Reuse_Attack)
- *2012 paper* [Return-Oriented_Programming_Systems_Languages_and_Applications](Exploitation/Return-Oriented_Programming_Systems_Languages_and_Applications)
- *2012 paper* [Understanding_Integer_Overflow_in_C:C++](Exploitation/Understanding_Integer_Overflow_in_C:C++)
- *2013 paper* [Just-in-time_code_reuse_On_the_effectiveness_of_fine-grained_address_space_layout_randomization](Exploitation/Just-in-time_code_reuse_On_the_effectiveness_of_fine-grained_address_space_layout_randomization)
- *2013 paper* [Transparent_ROP_Exploit_Mitigation_using_Indirect_Branch_Tracing](Exploitation/Transparent_ROP_Exploit_Mitigation_using_Indirect_Branch_Tracing)
- ★★★★★ *2014 paper* [Hacking_Blind](Exploitation/Hacking_Blind)
- ★★★★★ *2014 paper* [Framing_Signals—A_Return_to_Portable_Shellcode](Exploitation/Framing_Signals—A_Return_to_Portable_Shellcode)
- *2014 paper* [Code-Pointer_Integrity](Exploitation/Code-Pointer_Integrity)
- ★★★★★ *2015 paper* [How_the_ELF_Ruined_Christmas](Exploitation/How_the_ELF_Ruined_Christmas)
- *2015 blog* [Glibc_Adventures_The_Forgotten_Chunks](Exploitation/Glibc_Adventures_The_Forgotten_Chunks)
- ★★★☆☆ *2015 course* [Modern_Binary_Exploitation](Exploitation/Modern_Binary_Exploitation)
- *2015 paper* [Automatic_Generation_of_Data-Oriented_Exploits](Exploitation/Automatic_Generation_of_Data-Oriented_Exploits)
- *2016 paper* [New_Exploit_Methods_against_Ptmalloc_of_GLIBC](Exploitation/New_Exploit_Methods_against_Ptmalloc_of_GLIBC)
- *2016 paper* [LAVA_Large-scale_Automated_Vulnerability_Addition](Exploitation/LAVA_Large-scale_Automated_Vulnerability_Addition)
- *2017 paper* [ASLR_on_the_Line_Practical_Cache_Attacks_on_the_MMU](Exploitation/ASLR_on_the_Line_Practical_Cache_Attacks_on_the_MMU)
- *2017 blog* [Cyber_Grand_Shellphish](Exploitation/Cyber_Grand_Shellphish)
- *2018 survey* [Research Progress in Buffer Overflow Vulnerability Analysis Techniques](Exploitation/缓冲区溢出漏洞分析技术研究进展)
- *2019 survey* [A Survey of Automatic Exploitation of Security Vulnerabilities](Exploitation/安全漏洞自动利用综述)
- *2019 survey* [The_Art_Science_and_Engineering_of_Fuzzing_A_Survey](Exploitation/The_Art_Science_and_Engineering_of_Fuzzing_A_Survey)
- *2020 paper* [Typestate-Guided_Fuzzer_for_Discovering_Use-after-Free_Vulnerabilities](Exploitation/Typestate-Guided_Fuzzer_for_Discovering_Use-after-Free_Vulnerabilities)

## Fuzz

- *2020 paper* [IJON_Exploring_Deep_State_Spaces_via_Fuzzing](Fuzz/IJON_Exploring_Deep_State_Spaces_via_Fuzzing)
- *2020 paper* [AFLNet: A Greybox Fuzzer for Network Protocols](Fuzz/AFLNet_A_Greybox_Fuzzer_for_Network_Protocols)

## IOT

- *2006 paper* [IoT/Vulnerabilities_in_first-generation_RFID-enabled_credit_cards](IoT/Vulnerabilities_in_first-generation_RFID-enabled_credit_cards)
- *2013 book* [Hacking the Xbox](IoT/Hacking_the_Xbox)
- *2013 paper* [FIE_on_Firmware_Finding_Vulnerabilities_in_Embedded_Systems_Using_Symbolic_Execution](IoT/FIE_on_Firmware_Finding_Vulnerabilities_in_Embedded_Systems_Using_Symbolic_Execution)
- *2014 paper* [A_Large-Scale_Analysis_of_the_Security_of_Embedded_Firmwares](IoT/A_Large-Scale_Analysis_of_the_Security_of_Embedded_Firmwares)
- *2015 slides* [Advanced_SOHO_Router_Exploitation](IoT/Advanced_SOHO_Router_Exploitation)
- *2015 slides* [Cameras_Thermostats_and_Home_Automation_Controllers](IoT/Cameras_Thermostats_and_Home_Automation_Controllers)
- *2015 paper* [Firmalice-Automatic_Detection_of_Authentication_Bypass_Vulnerabilitiesin_Binary_Firmware](IoT/Firmalice-Automatic_Detection_of_Authentication_Bypass_Vulnerabilitiesin_Binary_Firmware)
- *2016 paper* [Towards_Automated_Dynamic_Analysis_for_Linux-based_Embedded_Firmware](IoT/Towards_Automated_Dynamic_Analysis_for_Linux-based_Embedded_Firmware)
- *2016 paper* [Scalable_Graph-based_Bug_Search_for_Firmware_Images](IoT/Scalable_Graph-based_Bug_Search_for_Firmware_Images)
- *2017 paper* [IoT_Goes_Nuclear_Creating_a_Zigbee_Chain_Reaction](IoT/IoT_Goes_Nuclear_Creating_a_Zigbee_Chain_Reaction)
- *2017 slides* [Reversing FreeRTOS on embedded devices](IoT/Reversing_FreeRTOS_on_embedded_devices)
- ★★☆☆☆ *2017 survey* [A Survey of IoT Security](IoT/物联网安全综述)
- ★☆☆☆☆ *2018 survey* [A Survey of Smart Home Security](IoT/智能家居安全综述)
- *2018 survey* [A Survey of Research on IoT Operating System Security](IoT/物联网操作系统安全研究综述)
- ★★★☆☆ *2018 report* [Smart Device Security Analysis Handbook](IoT/智能设备安全分析手册)
- *2018 slides* [Fitbit Firmware Hacking](IoT/Fitbit_Firmware_Hacking)
- *2018 slides* [Reversing_IoT_Xiaomi_ecosystem](IoT/Reversing_IoT_Xiaomi_ecosystem)
- *2018 slides* [Bushwhacking your way around a bootloader](IoT/Bushwhacking_your_way_around_a_bootloader)
- *2018 slides* [Dissecting_QNX](IoT/Dissecting_QNX)
- *2018 slides* [Hacking_Toshiba_Laptops](IoT/Hacking_Toshiba_Laptops)
- *2018 slides* [Subverting_your_server_through_its_BMC_the_HPE_iLO4_case](IoT/Subverting_your_server_through_its_BMC_the_HPE_iLO4_case)
- *2018 slides* [DIY_ARM_Debugger_for_Wi-Fi_Chips](IoT/DIY_ARM_Debugger_for_Wi-Fi_Chips)
- *2018 survey* [Program_Analysis_of_Commodity_IoT_Applications_for_Security_and_Privacy_Challenges_and_Opportunities](IoT/Program_Analysis_of_Commodity_IoT_Applications_for_Security_and_Privacy_Challenges_and_Opportunities)
- *2018 paper* [Hackers_vs_Testers_A_Comparison_of_Software_Vulnerability_Discovery_Processes](Exploitation/Hackers_vs_Testers_A_Comparison_of_Software_Vulnerability_Discovery_Processes)
- ★★★★☆ *2018 paper* [What_You_Corrupt_Is_Not_What_You_Crash_Challenges_in_Fuzzing_Embedded_Devices](IoT/What_You_Corrupt_Is_Not_What_You_Crash_Challenges_in_Fuzzing_Embedded_Devices)
- *2018 paper* [IoTFuzzer_Discovering_Memory_Corruptions_in_IoT_Through_App-based_Fuzzing](IoT/IoTFuzzer_Discovering_Memory_Corruptions_in_IoT_Through_App-based_Fuzzing)
- *2018 paper* [Sensitive_Information_Tracking_in_Commodity_IoT](IoT/Sensitive_Information_Tracking_in_Commodity_IoT)
- *2018 paper* [DTaint_Detecting_the_Taint-Style_Vulnerability_in_Embedded_Device_Firmware](IoT/DTaint_Detecting_the_Taint-Style_Vulnerability_in_Embedded_Device_Firmware)
- *2018 slides* [Beginners_Guide_on_How_to_Start_Exploring_IoT_Security](IoT/Beginners_Guide_on_How_to_Start_Exploring_IoT_Security)
- *2019 paper* [CryptoREX_Large-scale_Analysis_of_Cryptographic_Misuse_in_IoT_Devices](IoT/CryptoREX_Large-scale_Analysis_of_Cryptographic_Misuse_in_IoT_Devices)
- *2019 slides* [Firmware_Extraction](IoT/Firmware_Extraction)
- ★☆☆☆☆ *2019 report* [2019 IoT Security Annual Report](IoT/2019物联网安全年报)
- *2019 blog* [ANATOMY_OF_A_FIRMWARE_ATTACK](IoT/ANATOMY_OF_A_FIRMWARE_ATTACK)
- *2019 blog* [Toward_Automated_Firmware_Analysis_in_the_IoT_Era](IoT/Toward_Automated_Firmware_Analysis_in_the_IoT_Era)
- *2019 paper* [Sok_Security_evaluation_of_home-based_iot_deployments](IoT/Sok_Security_evaluation_of_home-based_iot_deployments)
- *2019 paper* [Toward_the_Analysis_of_Embedded_Firmware_through_Automated_Re-hosting](IoT/Toward_the_Analysis_of_Embedded_Firmware_through_Automated_Re-hosting)
- *2019 paper* [FIRM-AFL_High-Throughput_Greybox_Fuzzing_of_IoT_Firmware_via_Augmented_Process_Emulation](IoT/FIRM-AFL_High-Throughput_Greybox_Fuzzing_of_IoT_Firmware_via_Augmented_Process_Emulation)
- *2019 slides* [Insecure_Boot](IoT/Insecure_Boot)
- *2019 slides* [Embedded_Research_Automation](IoT/Embedded_Research_Automation)
- *2020 paper* [IoT_Behavioral_Monitoring_via_Network_Traffic_Analysis](IoT/IoT_Behavioral_Monitoring_via_Network_Traffic_Analysis)
- *2020 paper* [On_the_State_of_Internet_of_Things_Security_Vulnerabilities_Attacks_and_Recent_Countermeasures](IoT/On_the_State_of_Internet_of_Things_Security_Vulnerabilities_Attacks_and_Recent_Countermeasures)
- *2020 survey* [A_Survey_of_Security_Vulnerability_Analysis_Discovery_Detection_and_Mitigation_on_IoT_Devices](IoT/A_Survey_of_Security_Vulnerability_Analysis_Discovery_Detection_and_Mitigation_on_IoT_Devices)
- ★☆☆☆☆ *2020 paper* [FIRMCORN_Vulnerability-Oriented_Fuzzing_of_IoT_Firmware_via_Optimized_Virtual_Execution](IoT/FIRMCORN_Vulnerability-Oriented_Fuzzing_of_IoT_Firmware_via_Optimized_Virtual_Execution)
- *2020 blog* [A Case Of Analysing Encrypted Firmware](https://payatu.com/blog/munawwar/solving-the-problem-of-encrypted-firmware)
- *2020 blog* [MINDSHARE: DEALING WITH ENCRYPTED ROUTER FIRMWARE](https://www.thezdi.com/blog/2020/2/6/mindshare-dealing-with-encrypted-router-firmware)
- *2020 blog* [Virtualizing ARM-Based Firmware Part - 1](https://payatu.com/blog/mihir/virtualizing-arm-based-firmware-part---1)
- *2020 blog* [Virtualizing ARM-Based Firmware Part - 2](https://payatu.com/blog/mihir/virtualizing-arm-based-firmware-part---2)
- *2020 slides* [Exploit (Almost) All Xiaomi Routers Using Logical Bugs](IoT/Exploit_Almost_All_Xiaomi_Routers_Using_Logical_Bugs)
- *2020 blog* [WarezTheRemote Turning remotes into listening devices](IoT/Turning_remotes_into_listening_devices)
- *2020 blog* [Identified and Authorized: Sneaking Past Edge-Based Access Control Devices](IoT/Sneaking_Past_Edge-Based_Access_Control_Devices)
- *2020 slides* [The Art & Craft of writing ARM shellcode](IoT/The_Art_Craft_of_writing_ARM_shellcode)
- *2020 tool* [Qiling Framework: Introduction](IoT/Qiling_Framework_Introduction)

#### protocol

- *2015 specification* [MQTT Version 3.1.1 OASIS Standard](IoT/protocol/mqtt-v3.1.1)
- *2019 specification* [MQTT Version 5.0 OASIS Standard](IoT/protocol/mqtt-v5.0)
- *2015 blog* [MQTT Essentials](https://www.hivemq.com/mqtt-essentials/)
- *2019 blog* [MQTT 5 Essentials](https://www.hivemq.com/mqtt-5/)
- *2015 blog* [MQTT Security Fundamentals](https://www.hivemq.com/mqtt-security-fundamentals/)
- *2017 video* [A Guide to MQTT by Hacking a Doorbell to send Push Notifications](https://www.youtube.com/watch?v=J_BAXVSVPVI)
- *2017 blog* [Hacking the IoT with MQTT](https://morphuslabs.com/hacking-the-iot-with-mqtt-8edaf0d07b9b)
- *2018 blog* [Are smart homes vulnerable to hacking?](https://blog.avast.com/mqtt-vulnerabilities-hacking-smart-homes)
- *2020 blog* [IoT Standards and Protocols](https://www.postscapes.com/internet-of-things-protocols/)
- *2020 survey* [Security_of_IoT_Application_Layer_Protocols_Challenges_and_Findings](IoT/protocol/Security_of_IoT_Application_Layer_Protocols_Challenges_and_Findings)
- *tool* [MQTT Explorer](http://mqtt-explorer.com/)
- *tool* [Mosquitto](https://mosquitto.org/)
- *tool* [HiveMQ](https://www.hivemq.com/)
- *tool* [Nmap Library mqtt](https://nmap.org/nsedoc/lib/mqtt.html)

#### wireless

- *2007 paper* [Stateful Fuzzing of Wireless Device Drivers in an Emulated Environment](IoT/wireless/Stateful_Fuzzing_of_Wireless_Device_Drivers_in_an_Emulated_Environment)
- *2008 paper* [Fuzzing Wi-Fi Drivers to Locate Security Vulnerabilities](IoT/wireless/Fuzzing_Wi-Fi_Drivers_to_Locate_Security_Vulnerabilities)
- *2016 slides* [GATTACKING_BLUETOOTH_SMART_DEVICES](IoT/wireless/GATTACKING_BLUETOOTH_SMART_DEVICES)
- *2017 blog* [Getting Started With Radio Hacking – Part 1 – Radio Frequency Basics And Theory](https://payatu.com/blog/Nitesh-Malviya/getting-started-with-radio-waves-hacking)
- *2017 blog* [Getting Started With Radio Hacking – Part 2 – Listening To FM Using RTL-SDR And GQRX](https://payatu.com/blog/Nitesh-Malviya/getting-started-radio-hacking-part-2-listening-fm-using-rtl-sdr-gqrx)
- *2017 blog* [Reversing And Exploiting BLE 4.0 Communication](https://payatu.com/blog/Arun-Mane/reversing-exploiting-ble-4-0-communication)
- *2017 blog* [How I Reverse Engineered And Exploited A Smart Massager](https://payatu.com/blog/Arun-Magesh/smartmassager_re)
- *2018 blog* [“Find – Bluetooth Tracker” Responsible Vulnerability Disclosure – Blog](https://payatu.com/blog/Arun-Magesh/find-bluetooth-tracker-responsible-vulnerability-disclosure-blog)
- *2018 blog* [Intel Edison as Bluetooth LE — Exploit box](https://medium.com/@arunmag/intel-edison-as-bluetooth-le-exploit-box-a63e4cad6580)
- *2018 blog* [My journey towards Reverse Engineering a Smart Band — Bluetooth-LE RE](https://medium.com/@arunmag/my-journey-towards-reverse-engineering-a-smart-band-bluetooth-le-re-d1dea00e4de2)
- *2018 blog* [Hacking Smart Locks with Bluetooth / BLE](https://www.getkisi.com/blog/smart-locks-hacked-bluetooth-ble)
- *2018 blog* [I hacked MiBand 3, and here is how I did it. Part I](https://medium.com/@yogeshojha/i-hacked-xiaomi-miband-3-and-here-is-how-i-did-it-43d68c272391)
- *2018 blog* [I hacked MiBand 3, and here is how I did it. Part II](https://medium.com/@yogeshojha/i-hacked-miband-3-and-here-is-how-i-did-it-part-ii-reverse-engineering-to-upload-firmware-and-b28a05dfc308)
- *2018 slides* [802.11 Smart Fuzzing](IoT/wireless/802.11_Smart_Fuzzing)
- *2019 slides* [ble-bluetooth-low-energy-exploitation](IoT/wireless/ble-bluetooth-low-energy-exploitation)
- *2019 manual* [Bluetooth Core Specification](IoT/wireless/Bluetooth_Core_Specification)
- *2019 blog* [ZigBee Networks An Overview for implementers and security testers](IoT/wireless/ZigBee_Networks_An_Overview)
- *2020 slides* [Finding New Bluetooth Low Energy Exploits via Reverse Engineering Multiple Vendors' Firmwares](IoT/wireless/Finding_New_Bluetooth_Low_Energy_Exploits_via_Reverse_Engineering_Multiple_Vendors_Firmwares)
- *2020 slides* [A Practical Introduction to Bluetooth Low Energy security without any special hardware](IoT/wireless/A_Practical_Introduction_to_Bluetooth_Low_Energy_security_without_any_special_hardware)

#### car

- *2015 blog* [Car Hacking series](IoT/car/Car_Hacking_series)
- *2016 book* [THE CAR HACKER’S HANDBOOK](http://opengarages.org/handbook/ebook/)
- *2016 slides* [PENTESTING VEHICLES WITH CANTOOLZ](IoT/car/PENTESTING_VEHICLES_WITH_CANTOOLZ)
- *2016 slides* [The Process of Discovering Tesla Security Vulnerabilities](IoT/car/特斯拉安全漏洞的发现过程)
- *2017 blog* [Building a Car Hacking Development Workbench](https://blog.rapid7.com/author/andrew-bindner/)
- *2018 report* [2018 Intelligent Connected Vehicle Information Security Annual Report](IoT/car/2018智能网联汽车信息安全年度报告)
- *2019 report* [2019 Intelligent Connected Vehicle Information Security Annual Report](IoT/car/2019智能网联汽车信息安全年度报告)
- *2019 survey* [A Survey of Internet of Vehicles Security](IoT/car/车联网安全综述)
- *2019 slides* [Common Attacks Against Car Infotainment Systems](IoT/car/Common_Attacks_Against_Car_Infotainment_Systems)
- *2019 blog* [Car Hacking 101: Part I: Setting Up](https://medium.com/@yogeshojha/car-hacking-101-practical-guide-to-exploiting-can-bus-using-instrument-cluster-simulator-part-i-cd88d3eb4a53)
- *2019 blog* [Car Hacking 101: Part II: Exploitation](https://medium.com/@yogeshojha/car-hacking-101-practical-guide-to-exploiting-can-bus-using-instrument-cluster-simulator-part-ee998570758)
- *2019 blog* [Car Hacking 101: Part III: SavvyCAN, Fuzzing CAN Frame and playing around with CAN frames](https://medium.com/@yogeshojha/car-hacking-101-practical-guide-to-exploiting-can-bus-using-instrument-cluster-simulator-part-ea40c05c49cd)
- *2019 slides* [0-days&Mitigations_Roadways_to_Exploit_and_Secure_Connected_BMW_Cars](IoT/car/0-days&Mitigations_Roadways_to_Exploit_and_Secure_Connected_BMW_Cars)
- *2020 blog* [CAN Bus Explained - A Simple Intro](https://www.csselectronics.com/screen/page/simple-intro-to-can-bus)
- *2020 report* [Internet of Vehicles Cybersecurity White Paper (2020)](IoT/car/2020车联网网络安全白皮书)

#### hardware

- *2017 slides* [Breaking Code Read Protection on the NXP LPC-family Microcontrollers](IoT/hardware/Breaking_Code_Read_Protection_on_the_NXP_LPC-family_Microcontrollers)
- *2018 slides* [Hardware_toolkits_for_IoT_security_analysis](IoT/hardware/Hardware_toolkits_for_IoT_security_analysis)
- *2019 book* [Hardware_Security_A_Hands-on_Learning_Approach](IoT/hardware/Hardware_Security_A_Hands-on_Learning_Approach)
- *2019 slides* [Hardware Hacking 101](IoT/hardware/Hardware_Hacking_101)

## Windows

## Linux

- *2007 blog* [Ltrace_Internals](Linux/Ltrace_Internals)
- ★★★☆☆ *2011 blog* [Glibc Memory Management: Ptmalloc2 Source Code Analysis](Linux/Glibc内存管理_Ptmalloc2源代码分析)
- *2016 book* [Learning_Linux_Binary_Analysis](Linux/Learning_Linux_Binary_Analysis)
- *2016 slides* [Anatomy_of_cross-compilation_toolchains](Linux/Anatomy_of_cross-compilation_toolchains)
- ★★★☆☆ *2017 slides* [GDB Basics](Linux/GDB基础)
- *2017 slides* [Tips_for_Linux_Kernel_Development](Linux/Tips_for_Linux_Kernel_Development)
- *2019 slides* [Linux_Kernel_and_Driver_Development_Training](Linux/Linux_Kernel_and_Driver_Development_Training)
- *2019 slides* [Embedded_Linux_system_development](Linux/Embedded_Linux_system_development)
- *2019 slides* [Buildroot_Training](Linux/Buildroot_Training)

## Compiler

- *1994 book* [Reverse_Compilation_Techniques](Compiler/Reverse_Compilation_Techniques)
- *2007 book* [Compilers_Principles_Techniques_and_Tools_2nd_Edition](Compiler/Compilers_Principles_Techniques_and_Tools_2nd_Edition)
- *2011 book* [Engineering_a_Compiler_2nd_edition](Compiler/Engineering_a_Compiler_2nd_edition)
- *2012 book* [Modern_Compiler_Design_2nd_Edition](Compiler/Modern_Compiler_Design_2nd_Edition)
- *2014 book* [Getting_Started_with_LLVM_Core_Libraries](Compiler/Getting_Started_with_LLVM_Core_Libraries)
- *2014 slides* [BHUSA2014-capstone](Compiler/BHUSA2014-capstone)
- *2016 slides* [BHUSA2016-keystone](Compiler/BHUSA2016-keystone)
- *2018 slides* [Decompiler internals: microcode](Compiler/Decompiler_internals_microcode)

## Virtualization & Emulation

- *2015 slides* [BHUSA2015-unicorn](Virtualization/BHUSA2015-unicorn)
- *2018 slides* [Hypervisor-Level_Debugger_Benefits_Challenges](Virtualization/Hypervisor-Level_Debugger_Benefits_Challenges)
- *2018 slides* [unboxing_your_virtualboxes](Virtualization/unboxing_your_virtualboxes)
- *2018 slides* [thinking_outside_the_virtualbox](Virtualization/thinking_outside_the_virtualbox)
- *2018 blog* [intel_virtualisation_how_vt-x_kvm_and_qemu_work_together](Virtualization/intel_virtualisation_how_vt-x_kvm_and_qemu_work_together)
- *2019 manual* [VirtualBox_User_Manual](Virtualization/VirtualBox_User_Manual)
- *2020 manual* [openSUSE Leap 15.2 Virtualization Guide](https://doc.opensuse.org/documentation/leap/virtualization/html/book.virt/index.html)

## Cryptography

- *2017 book* [A_Graduate_Course_in_Applied_Cryptography](Cryptography/A_Graduate_Course_in_Applied_Cryptography)
- *2017 slides* [API_design_for_cryptography](Cryptography/API_design_for_cryptography)

## CTF

- ★★★☆☆ *2014 slides* [An_introduction_to_the_Return_Oriented_Programming_and_ROP_chain_generation](CTF/An_introduction_to_the_Return_Oriented_Programming_and_ROP_chain_generation)
- ★★☆☆☆ *2015 slides* [Juejin CTF: Memory Vulnerability Exploitation Techniques in CTF](CTF/掘金CTF_CTF中的内存漏洞利用技巧)
- ★☆☆☆☆ *2015 slides* [PLAY_WITH_LINUX_HEAP](CTF/PLAY_WITH_LINUX_HEAP)
- ★★☆☆☆ *2015 blog* [Linux x86 Exploitation Tutorial Series](CTF/Linux_x86漏洞利用系列教程)

## Others

- *2016 survey* [A Survey of Cloud Computing Environment Security](Others/云计算环境安全综述)
- *2017 report* [X41_Browser_Security_White_Paper](Others/X41_Browser_Security_White_Paper)
- *2017 report* [Cure53_Browser_Security_White_Paper](Others/Cure53_Browser_Security_White_Paper)
- *2018 slides* [Reversing_Vulnerability_Research_of_Ethereum_Smart_Contracts](Others/Reversing_Vulnerability_Research_of_Ethereum_Smart_Contracts)
- ★★★☆☆ *2019 blog* [The_Beginners_Guide_to_IDAPython](Others/The_Beginners_Guide_to_IDAPython)
- *2019 slides* [Bug_Hunting_in_Synology_NAS](Others/Bug_Hunting_in_Synology_NAS)
- *2020 report* [Global Advanced Persistent Threat (APT) 2019 Report](Others/全球高级持续性威胁(APT)2019年报告)