Does windows have stack canaries?
Windows stack canarys:
What is a windows SEH?
Favorit target for Windows exploits for years
What mitigations against SEH exploits did windows put in place?
Mitigation: Dynamic SafeSEH
What is the the windows call convention?
Can call Windows Library Functions
Possible to chain library calls
Like ROP, just for function calls
Can defeat DEP (or be used for other things)
What are the problems with windows ASLR?
Windows ASLR problems:
What are the windows HEAP protections?
What is window EMET?
EMET = Enhanced Mitigation Experience Toolkit