Home

Awesome

Awesome Vulnerability Research Awesome

๐Ÿฆ„ A curated list of the awesome resources about the Vulnerability Research

First things first: There are no exploits in this project. Vulnerabilities != Exploits A Vulnerability resides in the software itself, doing nothing on its own. If you are really curious about then youโ€™ll find your own way to discover a flow, this list aimed to help you find it faster.

Maintained by Sergey Pronin with contributions from the community. Become the next ๐ŸŒŸ stargazer or โœ๏ธ contributor.

Made With Passion License CC-BY-SA-4.0 GitHub Stars

Vulnerability Research is the process of analyzing a product, protocol, or algorithm - or set of related products - to find, understand or exploit one or more vulnerabilities. Vulnerability research can but does not always involve reverse engineering, code review, static and dynamic analysis, fuzzing and debugging.

Purpose

Currently, there is way more insecure code out there than researchers. Much more people looking at code thatโ€™s deployed in the real world are required by the market. This project exists to share a different awesome sources of information with you and encourage more people to get involved. Here you will find books and articles, online classes, recommended tools, write-ups, methodologies and tutorials, people to follow, and more cool stuff about Vulnerability Research and tinkering with application execution flow in general.

Contributing

This List is published according to the "Done is better than Perfect" approach, so your contributions and suggestions are very valuable and are always welcome! There are two options:

  1. Use the standard method of forking this repo, making your changes and doing a pull request to have your content added. Please check the Contributing Guideline for more details.
  2. Occasionally, if you just want to copy/paste your content, I'll take that too! Create an "Issue" with your suggestions and I will add it for you.

Legend:


Contents

Advisories

Back to Contents

Articles

Back to Contents

Books

Back to Contents

Classes

Back to Contents

Conferences

Back to Contents

Conference talks

Back to Contents

Intentionally vulnerable packages

Back to Contents

Mailing lists and Newsletters

Back to Contents

Presentations

Back to Contents

Podcasts and Episodes

Podcasts

Back to Contents

Episodes

Back to Contents

Relevant Standards

Back to Contents

Miscellaneous Documents

Back to Contents

Research Papers

Whitepapers

Back to Contents

Individual researchers

Back to Contents

Tools and Projects

Back to Contents

GitHub repos

Back to Contents

Tutorials

Back to Contents

Videos

Back to Contents

Vendorโ€™s bug databases

Back to Contents

Vulnerability databases

Back to Contents

Wargames and CTFs

Back to Contents

Websites

Back to Contents

Blogs

Back to Contents

Who to Follow

Discord

Back to Contents

GitHub

Back to Contents

Medium

Back to Contents

Twitter

Back to Contents

Miscellaneous Advisories

Back to Contents

Companies and Jobs

Back to Contents

Coordinated Disclosure

Back to Contents

Common Lists

Awesome Lists

Back to Contents

Other Lists

Back to Contents

Thanks

Thanks a lot!

Back to Contents

License

This work is licensed under a Creative Commons Attribution Share-Alike 4.0 International License

CC-BY-SA-4.0

Back to Contents