# Awesome ARM Exploitation [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome) A collection of awesome videos, articles, books, tools and resources about ARM exploitation. ## Contents * [Conference Talks / Videos](#conference-talks--videos) * [Articles / Papers](#articles--papers) * [Resources](#resources) * [CTF / Training Binaries](#ctf--training-binaries) * [Books](#books) * [Tools](#tools) * [Courses](#courses) * [Related Awesome Lists](#related-awesome-lists) * [Contributing](#contributing) ## Conference Talks / Videos * [Exploitation on ARM](https://www.youtube.com/watch?v=kykVyJ0dm8Y) - Itzhak Avraham - Defcon 18 (2010) * [ARM Exploitation ROPMAP](https://www.youtube.com/watch?v=VDyf_tJ8IUg) - Long Le - Blackhat USA (2011) * [Advanced ARM Exploitation](https://www.youtube.com/watch?v=gdsPydfBfSA) - Stephen Ridley & Stephen Lawler - Blackhat USA (2012) * [ARM Assembly and Shellcode Basics](https://www.youtube.com/watch?v=BhjJBuX0YCU) - Saumil Shah - 44CON (2017) * [Heap Overflow Exploits for Beginners (ARM Exploitation Tutorial)](https://www.youtube.com/watch?v=L8Ya7fBgEzU) - Billy Ellis (2017) * [Introduction to Exploitation on ARM64](https://www.youtube.com/watch?v=xVyH68HFsQU) - Billy Ellis - Codetalks (2018) * [Make ARM Shellcode Great Again](https://www.youtube.com/watch?v=9tx293lbGuc) - Saumil Shah - Hack.lu (2018) * [ARM Memory Tagging, how it improves C++ memory safety](https://www.youtube.com/watch?v=iP_iHroclgM) - Kostya Serebryany - LLVM (2018) * [Breaking Samsung's ARM Trustzone](https://i.blackhat.com/USA-19/Thursday/us-19-Peterlin-Breaking-Samsungs-ARM-TrustZone.pdf) * [Hacker Nightmares: Giving Hackers a Headache with Exploit Mitigations](https://www.youtube.com/watch?v=riQ-WyYrxh4) - Azeria - Virtual Arm Research Summit (2020) ## Articles / Papers * [ARM Assembly Basics Series](https://azeria-labs.com/writing-arm-assembly-part-1/) - Azeria * [ARM Binary Exploitation Series](https://azeria-labs.com/writing-arm-shellcode/) - Azeria * [Smashing the ARM Stack](https://www.merckedsecurity.com/blog/smashing-the-arm-stack-part-1) - Mercked Security * [Introduction to ARMv8 64-bit Architecture](https://quequero.org/2014/04/introduction-to-arm-architecture/) - pnuic * [Alphanumeric RISC ARM Shellcode](http://phrack.org/issues/66/12.html) - (Phrack) - Yves Younan, Pieter Philippaerts * [Return-Oriented Programming on a Cortex-M Processor](https://ieeexplore.ieee.org/document/8029521) * [3or ARM Exploitation Series](https://blog.3or.de/arm-exploitation-return-oriented-programming.html) - Dimitrios Slamaris * [Developing StrongARM/Linux Shellcode](http://www.phrack.com/issues/58/10.html) - (Phrack) - funkysh * [Reversing and Exploiting ARM Binaries](http://www.mathyvanhoef.com/2013/12/reversing-and-exploiting-arm-binaries.html) - Mathy Vanhoef * [ARM Exploitation for IoT Series](https://quequero.org/2017/07/arm-exploitation-iot-episode-1/) - Andrea Sindoni * [Reverse Engineering of ARM Microcontrollers](https://rdomanski.github.io/Reverse-engineering-of-ARM-Microcontrollers/) - Rdomanski * [ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow ](http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/) - HighAltitudeHacks ## Resources * [ARM Architecture Reference Manual](http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.subset.architecture.reference/index.html) * [Online ARM Assembler](https://azm.azerialabs.com/) * [ARM TEE Reversing and Exploitation](https://github.com/enovella/TEE-reversing) ## CTF / Training Binaries * [Exploit Me](https://github.com/bkerler/exploit_me) * [Exploit Challenges](https://github.com/Billy-Ellis/Exploit-Challenges) * [Azeria ARM Lab](https://azeria-labs.com/emulate-raspberry-pi-with-qemu/) ## Books * [Practical Reverse Engineering](https://www.wiley.com/en-us/Practical+Reverse+Engineering%3A+x86%2C+x64%2C+ARM%2C+Windows+Kernel%2C+Reversing+Tools%2C+and+Obfuscation-p-9781118787311) (Chapter 2) - Bruce Dang, Alexandre Gazet and Elias Bachalany * [Beginners Guide to Exploitation on ARM](https://zygosec.com/book.html) - Volumes 1 & 2 - Billy Ellis * [ARM Assembly Language: Fundamentals & Techniques](https://www.amazon.co.uk/ARM-Assembly-Language-Fundamentals-Techniques/dp/1439806101) - William Hohl ## Tools * [Ropper](https://github.com/sashs/Ropper) ## Courses * [Azeria ARM Training](https://training.azeria-labs.com/) * [Pentest Academy ARM Assembly](https://www.pentesteracademy.com/course?id=46) * [Pentest Academy Reverse Engineering for ARM Platforms](https://www.pentesteracademy.com/course?id=49) * [IHackArm Offensive ARM Exploitation](https://ihackarm.com/) ## Related Awesome Lists * [Awesome Android Security](https://github.com/ashishb/android-security-awesome) * [Awesome iOS Security](https://github.com/ashishb/osx-and-ios-security-awesome) * [Awesome IoT Hacks](https://github.com/nebgnahz/awesome-iot-hacks) * [Awesome Exploit Development](https://github.com/FabioBaroni/awesome-exploit-development) ## [Contributing](CONTRIBUTING.md) Your contributions are always welcome!