Windows Exploitation Resources

Windows

Advanced Windows exploit development resources


Some resources, links, books, and papers related to mostly Windows Internals and anything Windows kernel related. Mostly talks and videos that I enjoyed watching.

These are all resources that I have personally used and gone through

Really important resources

Must watch / read (if you could chose a few) – all time favorites

Windows Rootkits


Talks / video recordings

Articles / papers

Windows kernel mitigations


Talks / video recordings

Articles / papers

General mitigation papers

kASLR

SMEP

CET

Windows kernel shellcode


Articles / papers

Windows kernel exploitation


Talks / video recordings

Articles / papers

Windows kernel GDI exploitation


Talks / video recordings

Articles / papers

Windows kernel Win32k.sys research


Talks / video recordings

Articles / papers

Windows Kernel logic bugs


Talks / video recordings

Articles / papers

Windows kernel driver development


Talks / video recordings

Articles / papers

Windows internals


Talks / video recordings

Articles / papers

Advanced Windows debugging


Talks / video recordings

Articles / papers

0days – APT advanced malware research


Talks / video recordings

Articles / papers

Video game cheating (kernel mode stuff sometimes)


Talks / video recordings

Articles / papers

Hyper-V and VM / sandbox escape


Talks / video recordings

Articles / papers

Fuzzing


Talks / video recordings

Articles / papers

Windows browser exploitation


Talks / video recordings

Favorite books of mine


  • Windows Internals, Part 1 (Pavel Yosifovich, and some others)
  • Windows 10 System Programming, Part 1 (Pavel Yosifovich)
  • Windows 10 System Programming, Part 2 (Pavel Yosifovich)
  • Windows Kernel Programming (Pavel Yosifovich)
  • Rootkits: Subverting the Windows Kernel
  • The Rootkit Arsenal
  • Intel® 64 and IA-32 Architectures Software Developer Manuals

Related certifications and courses


Courses

  • Advanced Windows Exploitation (AWE)
  • Sans 660
  • Sans 760
  • Corelan “Bootcamp” training
  • Corelan “Advanced” training

Certifications

  • Offensive Security Exploitation Expert (OSEE)
  • Giac GXPN

The Exploitation Resources is a github repository by FULLSHADE