Reading material

Below is a list of overall reading material which you may wish to read over before starting.

Bug class exploitation

Format strings:

Scut's formatstring paper (class paper and recommended reading)
Advances in format string exploitation
Format bug analysis
Vulnerabilities in your code - Format Strings
The Mystery of Format String Exploitation

Heap exploitation

Once upon a free() - Historical document, later glibc's have additional checking
Vudo - An object superstitiously believed to embody magical powers - ""
Advanced Doug lea's malloc exploits - ""
Malloc Maleficarum - Recent glibc malloc exploitation document, should be relevant for blacksun

Frame pointer overwrites

Framepointer overwrites

Adress space layout randomisation (ASLR)/ PaX specific

Bypassing PaX ASLR protection - somewhat outdated.
The advanced return-into-lib(c) exploits: PaX case study - ""
PaX documentation - external link
Smash the stack - Advanced bufferoverflow methods

Execshield documents

A Solution To Red Hat PIE Protection - External link
How to Exploit Overflow Vulnerability Under Fedora Core - External link

Stackguard / Stack smashing protection

Hardware protection (e.g amd64 / nx bit)

x86-64 buffer overflow exploits and the borrowed chunks exploitation technique

Generalised papers / notes / presentations (not always indepth)

Secure computing

Seccomp announcement - Secure Computing (seccomp) patch announcement (external link)

Got some good additional papers?

If you have some relevant papers that would be suitable for this site, please drop me an email.