Exploit Development

ROP is an advanced exploit technique, bypassing DEP & ASLR by chaining code snippets (gadgets) for arbitrary code execution without new executable code.

This article explores advanced heap spraying techniques used by red teams and pen testers to exploit vulnerabilities in software applications, including non-ASLR and ASLR-based heap spraying, and Unicode heap spraying, with real-world examples and tools.

This article provides a comprehensive guide to the C++ programming language, covering its basic concepts and syntax, as well as its application in pen testing and red teaming, including code examples for a port scanner, password cracker, and web crawler, and discussing its pros and cons compared to other languages for these purposes.

Explore C programming basics, pen testing and red teaming applications, write exploits and shellcode, and compare C to other languages for security pros.

This article introduces and explains exploit development techniques, best practices, and examples for a technical audience of red teams and pen testers.

A comprehensive deep-dive into the Nim programming language for offensive security. Learn the language fundamentals, master WinAPI interoperability with winim, discover compile-time metaprogramming for string obfuscation, and understand why Nim is the modern favorite for bypassing EDRs.

A comprehensive deep-dive into the Rust programming language for offensive security. Learn the core concepts of ownership and borrowing, master idiomatic error handling, build a multi-threaded port scanner, and discover how to use “Unsafe Rust” for shellcode injection and high-performance exploit development.