Understanding the fundamentals of attacks – What is happening when someone writes an exploit? by Halvar Flake / Thomas Dullien.
The common “bag of tricks” for hacking, as Halvar refers to them, does cover all the major data breaches of the last 24 months.
No zero-day exploits.
Certainly none of the deep analysis offered by Halvar here.
Still, you owe it to yourself, and to your future on one side or the other of computer security, to review these slides and references carefully.
Even though Halvar concludes (in part):
Exploitation is programming emergent weird machines.
It does not require EIP/RIP, and is not a bag of tricks.
Theory of exploitation is still in embryonic stage.
Imagine the advantages of having mastered the art of exploitation theory at its inception.
In an increasingly digital world, you may be worth your own weight in gold. 😉
PS: Specifying the subject identity properties of exploits will assist in organizing them for future use/defense.
One expert hacker is like a highly skilled warrior.
Making exploits easy to discover/use by average hackers is like a skilled warrior facing a company of average fighters.
The outcome will be bloody, but never in doubt.