Here is a list of resources to learn about security.

Exploit & Reverse Engineering

The following links mostly cover the basics of binary exploitation and reverse engineering:

  • The basics of assembly language (x86, 32 bits): link
  • The basics of assembly language (x86, 64 bits): link
  • The basics of binary exploitation on Linux: link
  • The basics of stack-based buffer overflow exploitation: link
  • The basics of format string exploitation: link
  • Software security courses on Coursera: link
  • The Shellcoder's Handbook: Discovering and Exploiting Security Holes.
  • Basic security protections and how to bypass them: link

More in-depth binary exploitation:

  • No whitespace shellcode: link
  • Advanced format string exploitation: link, link, link
  • Return Oriented Programming: link, link, link
  • Exploit C++ virtual tables: link
  • Information leakage with Stack Smashing Protector: link
  • Sigreturn Oriented Programming: link
  • x86 calling conventions: link
  • Syscall table for Linux, x86_64: link
  • Syscall table for Linux, x86: link
  • The .init and .fini sections: link
  • The .dtors section: link
  • Understanding dynamic library calls (using the PLT and GOT): link
  • Heap buffer overflow exploitation: link, link, link, link

Recent papers about binary exploitation:

  • Attacking Branch Predictors to Bypass ASLR: link
  • Blind Return Oriented Programming: paper, website


Common knowledge & vulnerabilities:

  • HTTP: link
  • Information disclosure using robots.txt: link
  • Information disclosure: .git, .svn, index.phps, index.php~, index.php.swp
  • Session hijacking: link
  • Cross-Site Scripting (XSS): link, link, link, link
  • Cross-Site Request Forgery (CSRF): link
  • Command Injection: link
  • HTTP Response Splitting: link, link
  • HTTP Header Injection: link
  • HTTP Verb Tampering - Bypass badly written .htaccess: link
  • HTTP Request Smuggling: link
  • Bypass improper PHP redirections: link
  • PHP Path Truncation: link
  • Full path disclosure: link
  • Local and Remote File Inclusion (LFI, RFI): link, link, link, link, link
  • Local File Inclusion and /proc/self/environ: link
  • Null byte + File Inclusion: link
  • Null byte in PHP preg_replace: link
  • PHP Upload: link
  • PHP Type Juggling: link, link
  • PHP Unserialize: link
  • Python pickle: link, link, link
  • Server Side Template Injection: link
  • SQL Injection: link, link, link
  • SQL Injection, bypass PHP addslashes(): link, link
  • SQL Injection, bypass filters: link, link, link, link
  • Blind SQL Injection: link, link
  • Time-based Blind SQL Injection: link
  • NoSQL Injection: link
  • Time-based Blind NoSQL Injection: link
  • XPath Injection: link, link
  • Blind XPath Injection: link, link
  • XML Injection (using XXE): link
  • LDAP Injection: link, link

Recent papers about server side web security:

  • mXSS Attacks: Attacking well-secured Web-Applications by using innerHTML Mutations: paper


  • Generate MD5 collisions: link