SIL765: Network & System Security



Heap spraying --- in depth

  1. MALLOC DES-MALEFICARUM (Phrack, blackngel)
  2. Ben Hawkes Vista Heap Attacks: good overview of heap layout/attack vectors and "recipes", as he calls them, to set up your heap state.
  3. Low Fragmentation Heap by Chris Valasek: given in Argentina at ekoparty? Same one was delivered at Blackhat USA 2010.
  4. Advanced Doug Lea’s malloc exploits, Phrack
  5. Max’s Vudo Paper in Phrack
  6. Dion Blazakis JIT Spraying
  7. Filling Adobe’s Heap: good overview of how to fill up the heap with data in different programs. Not limited to Adobe or JavaScript.
  8. Once upon a free(), Phrack
  9. Heap Feng Shui by Alexander Sotirov: great talk on heap techniques; he also releases his heaplib.js code to manipulate the heap in JavaScript.
  10. HeapDraw: visualization tool for seeing the output of memory allocations in your target application.
  11. Heap Massage by Gera
  12. Yet another free(): article at Phrack
  13. Sean Heelan TCMalloc Scripts: importance of scripts and heap information
  14. Reliable Windows heap exploits
  15. Double free vulnerabilities
  16. Huku’s Phrack article on another free()
  17. Runtime detection of heap overflows
  18. Heaps About Heaps by Insomnia Security


  1. Fuzzing - making software dumber
  2. Fuzzing and Testing