Exploit Gelistirme Okuma Listesi

Exploit Gelistirme: Mutlaka Okunmasi Gereken Kaynaklar

Bu sayfa, binary exploitation, Windows/Linux kernel exploitation ve genel guvenlik arastirmalari icin mutlaka okunmasi gereken kitaplari, makaleleri ve kaynaklari iceriyor.

Linux Exploitation

Baslangic

• Hacking: The Art of Exploitation - Jon Erickson
  Binary exploitation’in kutsal kitabi. Assembly, stack overflow, shellcode yazimi.
  No Starch Press

• The Shellcoder’s Handbook - Chris Anley et al.
  Shellcode yaziminin A’dan Z’ye rehberi.
  Wiley

• Practical Binary Analysis - Dennis Andriesse
  ELF formati, disassembly, symbolic execution.
  No Starch Press

Orta

• Learning Linux Binary Analysis - Ryan O’Neill
  ELF formatinin derinlikleri, virus teknikleri, binary patching.
  Packt

• Linux Kernel Development - Robert Love
  Kernel’i anlamak icin temel kitap.
  Pearson

• A Guide to Kernel Exploitation - Enrico Perla
  Linux ve BSD kernel exploitation teknikleri.
  Elsevier

Ileri

• Linux Kernel Exploitation - Andrey Konovalov
  Modern kernel exploitation: KASLR, SMEP/SMAP bypass.
  GitHub

Windows Exploitation

Baslangic

• Windows Internals Part 1 & 2 - Mark Russinovich et al.
  Windows’u anlamadan exploit yazamazsin.
  Microsoft Press

• Practical Malware Analysis - Michael Sikorski
  Reverse engineering ve malware analizi.
  No Starch Press

Orta

• Windows Kernel Programming - Pavel Yosifovich
  Kernel driver gelistirme.
  Leanpub

• The Rootkit Arsenal - Bill Blunden
  Rootkit teknikleri: hooking, DKOM, bootkits.
  Jones & Bartlett

Ileri

• Exploiting Software - Greg Hoglund
  Attack patterns, vulnerability discovery.
  Addison-Wesley

Temel Makaleler

Stack & ROP

• Smashing the Stack for Fun and Profit - Aleph One (1996)
  Phrack 49

• The Geometry of Innocent Flesh on the Bone - Hovav Shacham (2007)
  PDF

• Return-Oriented Programming - Roemer et al. (2012)
  ACM

Heap

• Vudo Malloc Tricks - MaXX (2001)
  Phrack 57

• The Malloc Maleficarum - Phantasmal (2005)
  Phrack 66

Format String

• Exploiting Format String Vulnerabilities - scut (2001)
  PDF

CPU Attacks

• Spectre Attacks - Kocher et al. (2018)
  PDF

• Meltdown - Lipp et al. (2018)
  PDF

Online Kaynaklar

Pratik

• pwn.college - Binary exploitation kursu
• ROP Emporium - ROP challenge’lari
• how2heap - Heap exploitation
• nightmare - Binary exploitation rehberi
• ir0nstone - Pwn notlari

Video

• LiveOverflow - Exploitation videolari

Sertifika

• OSED - Windows User-Mode Exploitation
• OSEE - Advanced Windows Exploitation

Araclar

• pwntools - Python exploit kutuphanesi
• GEF - GDB extension
• pwndbg - GDB plugin
• Ghidra - Reverse engineering
• angr - Symbolic execution
• Frida - Dynamic instrumentation
• Radare2 - RE framework
• ROPgadget - Gadget finder
• one_gadget - One-shot RCE finder

Arsivler

• Phrack Magazine - 1985’ten beri
• Project Zero - Google arastirma ekibi
• Exploit-DB - Public exploit arsivi
• GTFOBins - Unix binaries
• LOLBAS - Windows binaries

Yol Haritasi

Baslangic

1. Hacking: The Art of Exploitation
2. Smashing the Stack for Fun and Profit
3. picoCTF / pwn.college
4. ROP Emporium
5. Practical Binary Analysis
6. how2heap

Ileri

1. Linux Kernel Development
2. A Guide to Kernel Exploitation
3. Project Zero Blog
4. Kernel CVE analizleri

Son guncelleme: Ocak 2026