Author: Escapingbug
Project: awesome-browser-exploit
Share some useful archives about browser exploitation.
I’m just starting to collect what I can find, and I’m only a starter in this area
as well. Contributions are welcome.
Chrome v8
Basic
- v8 GitHub mirror (docs within)[github]
- on-stack replacement in v8[article] // multiple articles can be found within
- A tour of V8: Garbage Collection[article]
- A tour of V8: object representation[article]
- v8 fast properties[article]
- learning v8[github]
Writeup and Exploit Tech
- Mobile Pwn2Own Autumn 2013 – Chrome on Android – Exploit Writeup[article]
- Exploiting a V8 OOB write[article]
IE
Basic
- Microsoft Edge MemGC Internals[slides]
- The ECMA and the Chakra[slides]
Writeup and Exploit Tech
- 2012 – Memory Corruption Exploitation In Internet Explorer[slides]
- 2013 – IE 0day Analysis And Exploit[slides]
- 2014 – Write Once, Pwn Anywhere[slides]
- 2014 – The Art of Leaks: The Return of Heap Feng Shui[slides]
- 2014 – IE 11 0day & Windows 8.1 Exploit[slides]
- 2014 – IE11 Sandbox Escapes Presentation[slides]
- 2015 – Spartan 0day & Exploit[slides]
- 2015 – Art of Browser Vulnerability Attack and Defense (Chinese)[slides]
- 2016 – Look Mom, I don’t use Shellcode[slides]
- 2016 – Windows 10 x64 edge 0day and exploit[slides]
- 2017 – 1-Day Browser & Kernel Exploitation[slides]
- 2017 – The Secret of ChakraCore: 10 Ways to Go Beyond the Edge[slides]
- 2017 – From Out of Memory to Remote Code Execution[slides]
- 2018 – Edge Inline Segment Use After Free (Chinese)
Mitigation
- 2017 – CROSS THE WALL-BYPASS ALL MODERN MITIGATIONS OF MICROSOFT EDGE[slides]
- Browser security mitigations against memory corruption vulnerabilities[references]
- Browsers and app specific security mitigation (Russian) part 1[article]
- Browsers and app specific security mitigation (Russian) part 2[article]
- Browsers and app specific security mitigation (Russian) part 3[article]
Webkit
Basic
- JSC loves ES6[article] // multiple articles can be found within
- JavaScriptCore, the WebKit JS implementation[article]
- saelo’s Pwn2Own 2018 Safari + macOS[exploit]
Writeup and Exploit Tech
Misc
Browser Basic
- Sea of Nodes[articles] // multiple articles can be found within
Fuzzing
- The Power-Of Pair[slides]
- Browser Fuzzing[slides]
- Taking Browsers Fuzzing To The Next (DOM) Level[slides]
- DOM fuzzer – domato[github]
- browser fuzzing framework – morph[github]
- browser fuzzing and crash management framework – grinder[github]
- Browser Fuzzing with a Twist[slides]
- Browser fuzzing – peach[wiki]
- Learn Fuzzing from the Very Start: the Birth of the Browser Vulnerability Detection Framework Morph (Chinese)[article]
- BROWSER FUZZING IN 2014: David vs Goliath[slides]
- A Review of Fuzzing Tools and Methods[article]
Writeup and Exploit Tech
- it-sec catalog browser exploitation chapter[articles]
- 2014 – Smashing The Browser: From Vulnerability Discovery To Exploit[slides]
- smash the browser[github]
Collections
Thanks
Please credit when reposting: IAMCOOL » Project recommendation: awesome-browser-exploit