Browser Security and Exploitation
1. Introduction to Browser Security
2. Browser Architecture Fundamentals
3. Web Technology Foundations
4. Browser Security Models
5. Vulnerability Classifications
6. Browser Exploitation Methodology
7. Exploitation Primitives and Techniques
8. JavaScript Engine Exploitation
9. DOM and Rendering Engine Exploitation
10. Browser Hardening and Mitigations
11. Vulnerability Research Methods
12. Browser Extensions and Plugin Security
13. Emerging Attack Surfaces
14. Security Analysis Tools
7. Exploitation Primitives and Techniques
7.1. Heap Manipulation
7.1.1. Heap Spraying
7.1.1.1. Memory Layout Control
7.1.1.2. Exploit Reliability Enhancement
7.1.1.3. Heap Spray Detection Evasion
7.1.2. Heap Grooming
7.1.2.1. Heap Layout Shaping
7.1.2.2. Object Placement Control
7.1.2.3. Fragmentation Management
7.1.3. Heap Overflow Exploitation
7.1.3.1. Metadata Corruption
7.1.3.2. Function Pointer Overwrite
7.1.3.3. Virtual Table Corruption
7.2. Code Reuse Attacks
7.2.1. Return-Oriented Programming
7.2.1.1. Gadget Discovery
7.2.1.2. ROP Chain Construction
7.2.1.3. Stack Pivot Techniques
7.2.2. Jump-Oriented Programming
7.2.2.1. JOP Gadget Identification
7.2.2.2. Dispatcher Gadget Usage
7.2.2.3. JOP Chain Assembly
7.2.3. JIT Code Reuse
7.2.3.1. JIT Spray Techniques
7.2.3.2. JIT Code Layout Prediction
7.2.3.3. Dynamic Code Generation Abuse
7.3. Primitive Construction
7.3.1. Address Leak Primitives
7.3.1.1. Object Address Disclosure
7.3.1.2. Function Pointer Leakage
7.3.1.3. Stack Address Revelation
7.3.2. Arbitrary Read Primitives
7.3.2.1. Memory Content Disclosure
7.3.2.2. Pointer Following
7.3.2.3. Type Confusion Exploitation
7.3.3. Arbitrary Write Primitives
7.3.3.1. Memory Corruption Techniques
7.3.3.2. Object Property Manipulation
7.3.3.3. Function Pointer Overwrite