heap

heap
    basics
       the heap itself
       arenas
       chunks
       bins
       freelists
       tcache
    techniques
       house of spirit
       house of lore
       house of force
       house of einherjar
       house of orange
       house of roman
       house of spirit
       house of botcake
       house of mind
       house of prime
    resources
       Phrack
       Azeria Labs
       shellphish

basics

the heap itself

arenas

chunks

- Free / Allocated / Top

bins

- Fast / Unsorted / Small / Large

freelists

tcache

techniques

house of spirit

house of lore

house of force

house of einherjar

house of orange

house of roman

house of spirit

house of botcake

house of mind

house of prime

resources

Phrack

- Vudo malloc tricks
- Once upon a free()
- Malloc Des-Maleficarum
- Linux Kernel Heap Tampering Detection
- OSX heap exploitation techniques

Azeria Labs

- Arm Heap Exploitation
  - PART 1: UNDERSTANDING THE GLIBC HEAP IMPLEMENTATION
  - PART 2: UNDERSTANDING THE GLIBC HEAP IMPLEMENTATION
- HEAP EXPLOIT DEVELOPMENT – CASE STUDY FROM AN IN-THE-WILD IOS 0-DAY
- HEAP OVERFLOWS AND THE IOS KERNEL HEAP
- GROOMING THE IOS KERNEL HEAP

shellphish

- how2heap
  - lot's of small examples


    

    

———
emile - 1655834893.512464s