https://www.rsaconference.com/writable/presentations/file_upload/asec-f02-writing-secure-software-is-hard-but-at-least-add-mitigations_final.pdf https://www.owasp.org/images/5/54/OWASPSpain8_VULNEX_BinSecSweeper.pdf Microsoft Security Development Lifecycle (SDL) Process Guidance – Version 5.2 http://www.microsoft.com/en-us/download/confirmation.aspx?id=29884 Exploitation相關技巧與防護 http://hick.org/~mmiller/presentations/misc/exploitation_techniques_and_mitigations_on_windows.pdf …