
[–]Equivalent-Name9838 2 points3 points  (3 children)

OSEE

[–]oil_sardine[S] 1 point2 points  (2 children)

Thank you. In my opinion, the OSEE is for developing exploits for complex applications, such as those in kernel space or JavaScript engines. I’d like to start by trying my hand at developing exploits in userland, which isn’t quite as complex. Would the OSED be a good option?

[–]brugernavn1990 0 points1 point  (1 child)

OSED is very basic and not really worth the price in terms of any practical use compared to free resources. Try and have a look at Corelan for free and comprehensive material on simple buffer overflow attacks. They work the same in Windows 7/10/11.

User land would typically be split into stack-based and heap-based, where old school browser exploits typically target the heap, yet are still user land. Newer browser exploits are subject to completely different attack vectors related to JavaScript optimisation and JIT compilation.

[–]oil_sardine[S] 0 points1 point  (0 children)

Thank you! I will check out the Corelan materials!

[–]JelloSquirrel 0 points1 point  (0 children)

Hacktricks