ctfnote.com
Search
⌃
K
/home/ret2basic.eth
Web3 Security Research
Guide for Fellow Researchers
✅
Web3 Security Research Trivia
✅
Ethereum and Solidity
Foundry
✅
Secureum
DeFi
EVM
Hacks
Research
Red Teaming
✅
Enumeration
✅
Exploitation
✅
Buffer Overflow
Step 0: Spiking (Optional)
Step 1: Fuzzing
Step 2: Finding the Offset
Step 3: Overwriting the EIP
Step 4: Finding Bad Characters
Step 5: Finding the Right Module
Step 6: Generating Shellcode and Gaining Root
✅
Privilege Escalation
✅
Post Exploitation
✅
Pivoting
Active Directory (AD)
Command & Control (C2)
Malware Development
Cryptography
Hash Functions
MAC
AES
Diffie-Hellman
RSA
ECC
Digital Signature
JWT
PRNG
SSL/TLS
Research
Computer Science
Linux
Python
HTML, CSS, JavaScript, and React
C, C++, and C#
Data Structures and Algorithms
The Linux Programming Interface
Computer Systems
Databases
Distributed Systems
Static Analysis
Web
✅
Prerequisites
File Upload
SQL Injection (SQLi)
Cross-Site Scripting (XSS)
CSRF and SSRF
XML External Entities (XXE)
Insecure Deserialization
HTTP Request Smuggling
OS Command Injection
✅
Directory Traversal
HTTP Parameter Pollution
Server-Side Template Injection (SSTI)
LDAP Injection
Redis
Pwn
Linux Exploitation
Windows Exploitation
Fuzzing
Reverse
Bytecode
angr
Powered By
GitBook
Comment on page
✅
Buffer Overflow
Lecture
Buffer Overflows Made Easy - TCM
This tutorial uses
vulnserver
. In particular, we are going to attack the
TRUN
command.
Previous
Password Spray
Next
Step 0: Spiking (Optional)
Last modified
6mo ago
