├── Advanced_linux_kernel_inline_hook_implemention.pdf
├── Advanced_understand_linux_kernel_memory_mapping.pdf
├── Bypass_firewall_with_netfilter.pdf
├── Bypassing Linux kernel module version check.pdf
├── CC_STACKPROTECTOR_patch_Analysis.pdf
├── CIH.docx
├── CIH病毒源码分析.docx
├── Exploit linux kernel slub overflow.pdf
├── Exploiting_the_kernel_stack_overflow.pdf
├── Freebsd_kernel_heap_exploitation.pdf
├── Hack dev mem for fun.pdf
├── How_to_Exploit_Linux_Kernel_NULL_Pointer_Dereference.pdf
├── How_to_write_kernel_level_backdoor.pdf
├── Linux_backdoor_sk13b_analysis.pdf
├── New_way_to_hide_files_with_LKM.pdf
├── README.md
├── linux_kernel_inline_hook_with_copied_opcode.pdf
├── linux_kernel_stack_and_heap_exploitation.pdf
└── windows_page_table_self_mapping_analysis.pdf


/Advanced_linux_kernel_inline_hook_implemention.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/Advanced_linux_kernel_inline_hook_implemention.pdf


--------------------------------------------------------------------------------
/Advanced_understand_linux_kernel_memory_mapping.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/Advanced_understand_linux_kernel_memory_mapping.pdf


--------------------------------------------------------------------------------
/Bypass_firewall_with_netfilter.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/Bypass_firewall_with_netfilter.pdf


--------------------------------------------------------------------------------
/Bypassing Linux kernel module version check.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/Bypassing Linux kernel module version check.pdf


--------------------------------------------------------------------------------
/CC_STACKPROTECTOR_patch_Analysis.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/CC_STACKPROTECTOR_patch_Analysis.pdf


--------------------------------------------------------------------------------
/CIH.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/CIH.docx


--------------------------------------------------------------------------------
/CIH病毒源码分析.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/CIH病毒源码分析.docx


--------------------------------------------------------------------------------
/Exploit linux kernel slub overflow.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/Exploit linux kernel slub overflow.pdf


--------------------------------------------------------------------------------
/Exploiting_the_kernel_stack_overflow.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/Exploiting_the_kernel_stack_overflow.pdf


--------------------------------------------------------------------------------
/Freebsd_kernel_heap_exploitation.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/Freebsd_kernel_heap_exploitation.pdf


--------------------------------------------------------------------------------
/Hack dev mem for fun.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/Hack dev mem for fun.pdf


--------------------------------------------------------------------------------
/How_to_Exploit_Linux_Kernel_NULL_Pointer_Dereference.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/How_to_Exploit_Linux_Kernel_NULL_Pointer_Dereference.pdf


--------------------------------------------------------------------------------
/How_to_write_kernel_level_backdoor.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/How_to_write_kernel_level_backdoor.pdf


--------------------------------------------------------------------------------
/Linux_backdoor_sk13b_analysis.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/Linux_backdoor_sk13b_analysis.pdf


--------------------------------------------------------------------------------
/New_way_to_hide_files_with_LKM.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/New_way_to_hide_files_with_LKM.pdf


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # research
 2 | The core papers i researched about kernel security.
 3 | 
 4 | Exploit linux kernel slub overflow. 2010
 5 | 
 6 | Kernel stack overflow with sub %%esp, it's different with stack buffer overflow. 2010
 7 | 
 8 | Exploit linux kernel stack buffer overflow on 2.6 kernels and slab overflow on 2.4 kernels. 2010
 9 | 
10 | How to Exploit Linux Kernel NULL Pointer Dereference. 2010
11 | 
12 | CC_STACKPROTECTOR patch Analysis. 2010
13 | 
14 | Freebsd kernel heap exploitation. 2010
15 | 
16 | Bypass linux kernel module version check. 2010
17 | 
18 | Hack dev mem for fun. 2009
19 | 
20 | Advanced linux kernel inline hook implemention. 2009
21 | 
22 | linux kernel inline hook with copied opcode. 2009
23 | 
24 | Bypass firewall with netfilter. 2009
25 | 
26 | New way to hide files with LKM. 2008
27 | 
28 | 


--------------------------------------------------------------------------------
/linux_kernel_inline_hook_with_copied_opcode.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/linux_kernel_inline_hook_with_copied_opcode.pdf


--------------------------------------------------------------------------------
/linux_kernel_stack_and_heap_exploitation.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/linux_kernel_stack_and_heap_exploitation.pdf


--------------------------------------------------------------------------------
/windows_page_table_self_mapping_analysis.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cloudsec/research/89e9de9960daf8f821dcb3cdefcf665552ffc723/windows_page_table_self_mapping_analysis.pdf


--------------------------------------------------------------------------------