Hi guys, I’m looking for vulnerable server side code snippets in order to practice my vulnerabilty research skills.
Do you know where can find a dump of such thing ?
moreover, I would like for a recommadation of CTFs in the topic of vulnerability research.
thanks in advanced
Well I’m no exploit dev or what ever but here is a list of awesome places I know:
https://overthewire.org/wargames/
https://exploit-exercises.lains.space/
https://pwnable.kr/
I advice you to start with exploit exercises as they deal with vulnerable code snippets
hope this helps!
i really encourage purchasing this book to support the authors, but you can peruse it, here. vulnerable snippets and solutions to bad practices
http://index-of.es/Miscellanous/24-DEADLY-SINS-OF-SOFTWARE-SECURITY-2010.pdf
SEI CERT has coding standards with examples of vulnerable and remedied code. there are free books on C, C++, Android, Perl, and Java
https://wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT+Coding+Standards
The first book is just wow
not quite code, but rules for most languages when conducting source analysis
Thanks guys, your’e the best !
Thank you for link to the 24 deadly sins. Incredible book. I just started reading it.
This topic was automatically closed after 121 days. New replies are no longer allowed.