├── CONTRIBUTING.md
└── README.md

/CONTRIBUTING.md:
--------------------------------------------------------------------------------
# Contribution Guidelines

**Your pull request should have a useful title. Please carefully read everything in [Adding to this list](#adding-to-this-list).**

## Table of Contents

* [Adding to this list](#adding-to-this-list)
* [Creating your own awesome list](#creating-your-own-awesome-list)
* [Adding something to an awesome list](#adding-something-to-an-awesome-list)
* [Updating your Pull Request](#updating-your-pull-request)

## Adding to this list

Please ensure your pull request adheres to the following guidelines:

* Search previous suggestions before making a new one, as yours may be a duplicate.
* Make sure the item you are adding is useful (and, you know, awesome) before submitting.
* Make an individual pull request for each suggestion.
* Use [title-casing](http://titlecapitalization.com) (AP style).
* Use the following format: `[Item Name](link)`
* Link additions should be added to the bottom of the relevant category.
* New categories or improvements to the existing categorization are welcome.
* Check your spelling and grammar.
* Make sure your text editor is set to remove trailing whitespace.
* The pull request and commit should have a useful title.
* The body of your commit message should contain a link to the repository.

Thank you for your suggestions!

## Adding something to an awesome list

If you have something awesome to contribute to an awesome list, this is how you do it.

You'll need a [GitHub account](https://github.com/join)!

1. Access the awesome list's GitHub page. For example: https://github.com/sindresorhus/awesome
2. Click on the `readme.md` file: ![Step 2 Click on Readme.md](https://cloud.githubusercontent.com/assets/170270/9402920/53a7e3ea-480c-11e5-9d81-aecf64be55eb.png)
3. Now click on the edit icon. ![Step 3 - Click on Edit](https://cloud.githubusercontent.com/assets/170270/9402927/6506af22-480c-11e5-8c18-7ea823530099.png)
4. You can start editing the text of the file in the in-browser editor. Make sure you follow guidelines above. You can use [GitHub Flavored Markdown](https://help.github.com/articles/github-flavored-markdown/). ![Step 4 - Edit the file](https://cloud.githubusercontent.com/assets/170270/9402932/7301c3a0-480c-11e5-81f5-7e343b71674f.png)
5. Say why you're proposing the changes, and then click on "Propose file change". ![Step 5 - Propose Changes](https://cloud.githubusercontent.com/assets/170270/9402937/7dd0652a-480c-11e5-9138-bd14244593d5.png)
6. Submit the [pull request](https://help.github.com/articles/using-pull-requests/)!

## Updating your Pull Request

Sometimes, a maintainer of this list will ask you to edit your Pull Request before it is included. This is normally due to spelling errors or because your PR didn't match the awesome-\* list guidelines.

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Awesome ARM Exploitation

[![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)

A collection of awesome videos, articles, books, tools and resources about ARM exploitation.

## Contents
* [Conference Talks / Videos](#conference-talks--videos)
* [Articles / Papers](#articles--papers)
* [Resources](#resources)
* [CTF / Training Binaries](#ctf--training-binaries)
* [Books](#books)
* [Tools](#tools)
* [Courses](#courses)
* [Related Awesome Lists](#related-awesome-lists)
* [Contributing](#contributing)

## Conference Talks / Videos
* [Exploitation on ARM](https://www.youtube.com/watch?v=kykVyJ0dm8Y) - Itzhak Avraham - Defcon 18 (2010)
* [ARM Exploitation ROPMAP](https://www.youtube.com/watch?v=VDyf_tJ8IUg) - Long Le - Blackhat USA (2011)
* [Advanced ARM Exploitation](https://www.youtube.com/watch?v=gdsPydfBfSA) - Stephen Ridley & Stephen Lawler - Blackhat USA (2012)
* [ARM Assembly and Shellcode Basics](https://www.youtube.com/watch?v=BhjJBuX0YCU) - Saumil Shah - 44CON (2017)
* [Heap Overflow Exploits for Beginners (ARM Exploitation Tutorial)](https://www.youtube.com/watch?v=L8Ya7fBgEzU) - Billy Ellis (2017)
* [Introduction to Exploitation on ARM64](https://www.youtube.com/watch?v=xVyH68HFsQU) - Billy Ellis - Codetalks (2018)
* [Make ARM Shellcode Great Again](https://www.youtube.com/watch?v=9tx293lbGuc) - Saumil Shah - Hack.lu (2018)
* [ARM Memory Tagging, how it improves C++ memory safety](https://www.youtube.com/watch?v=iP_iHroclgM) - Kostya Serebryany - LLVM (2018)
* [Breaking Samsung's ARM Trustzone](https://i.blackhat.com/USA-19/Thursday/us-19-Peterlin-Breaking-Samsungs-ARM-TrustZone.pdf)
* [Hacker Nightmares: Giving Hackers a Headache with Exploit Mitigations](https://www.youtube.com/watch?v=riQ-WyYrxh4) - Azeria - Virtual Arm Research Summit (2020)

## Articles / Papers
* [ARM Assembly Basics Series](https://azeria-labs.com/writing-arm-assembly-part-1/) - Azeria
* [ARM Binary Exploitation Series](https://azeria-labs.com/writing-arm-shellcode/) - Azeria
* [Smashing the ARM Stack](https://www.merckedsecurity.com/blog/smashing-the-arm-stack-part-1) - Mercked Security
* [Introduction to ARMv8 64-bit Architecture](https://quequero.org/2014/04/introduction-to-arm-architecture/) - pnuic
* [Alphanumeric RISC ARM Shellcode](http://phrack.org/issues/66/12.html) - (Phrack) - Yves Younan, Pieter Philippaerts
* [Return-Oriented Programming on a Cortex-M Processor](https://ieeexplore.ieee.org/document/8029521)
* [3or ARM Exploitation Series](https://blog.3or.de/arm-exploitation-return-oriented-programming.html) - Dimitrios Slamaris
* [Developing StrongARM/Linux Shellcode](http://www.phrack.com/issues/58/10.html) - (Phrack) - funkysh
* [Reversing and Exploiting ARM Binaries](http://www.mathyvanhoef.com/2013/12/reversing-and-exploiting-arm-binaries.html) - Mathy Vanhoef
* [ARM Exploitation for IoT Series](https://quequero.org/2017/07/arm-exploitation-iot-episode-1/) - Andrea Sindoni
* [Reverse Engineering of ARM Microcontrollers](https://rdomanski.github.io/Reverse-engineering-of-ARM-Microcontrollers/) - Rdomanski
* [ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow](http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/) - HighAltitudeHacks

## Resources

* [ARM Architecture Reference Manual](http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.subset.architecture.reference/index.html)
* [Online ARM Assembler](https://azm.azerialabs.com/)
* [ARM TEE Reversing and Exploitation](https://github.com/enovella/TEE-reversing)

## CTF / Training Binaries

* [Exploit Me](https://github.com/bkerler/exploit_me)
* [Exploit Challenges](https://github.com/Billy-Ellis/Exploit-Challenges)
* [Azeria ARM Lab](https://azeria-labs.com/emulate-raspberry-pi-with-qemu/)

## Books

* [Practical Reverse Engineering](https://www.wiley.com/en-us/Practical+Reverse+Engineering%3A+x86%2C+x64%2C+ARM%2C+Windows+Kernel%2C+Reversing+Tools%2C+and+Obfuscation-p-9781118787311) (Chapter 2) - Bruce Dang, Alexandre Gazet and Elias Bachalany
* [Beginners Guide to Exploitation on ARM](https://zygosec.com/book.html) - Volumes 1 & 2 - Billy Ellis
* [ARM Assembly Language: Fundamentals & Techniques](https://www.amazon.co.uk/ARM-Assembly-Language-Fundamentals-Techniques/dp/1439806101) - William Hohl

## Tools

* [Ropper](https://github.com/sashs/Ropper)

## Courses

* [Azeria ARM Training](https://training.azeria-labs.com/)
* [Pentest Academy ARM Assembly](https://www.pentesteracademy.com/course?id=46)
* [Pentest Academy Reverse Engineering for ARM Platforms](https://www.pentesteracademy.com/course?id=49)
* [IHackArm Offensive ARM Exploitation](https://ihackarm.com/)

## Related Awesome Lists

* [Awesome Android Security](https://github.com/ashishb/android-security-awesome)
* [Awesome iOS Security](https://github.com/ashishb/osx-and-ios-security-awesome)
* [Awesome IoT Hacks](https://github.com/nebgnahz/awesome-iot-hacks)
* [Awesome Exploit Development](https://github.com/FabioBaroni/awesome-exploit-development)

## [Contributing](CONTRIBUTING.md)

Your contributions are always welcome!

--------------------------------------------------------------------------------