Program Security


CSE 466 - Fall 2024

In the realm of cybersecurity, your journey mirrors that of a martial artist mastering the art of defense and attack. The “Program Security” module is where you will train in the ancient techniques of shellcoding and memory corruption. Like a skilled martial artist wielding precise strikes, you will learn to craft shellcode that slips past defenses with the agility of a shadow. You will also study memory corruption vulnerabilities, discovering how to pinpoint and exploit weaknesses with the precision of a pressure-point strike.


Lectures and Reading

The excellent Zardus (creator of pwn.college) has recorded lectures and slides that might be useful:

Shellcode Injection: Introduction
Shellcode Injection: Common Challenges
Shellcode Injection: Data Execution Prevention
Memory Errors: Introduction
Memory Errors: High-level Problems
Memory Errors: Smashing the Stack
Memory Errors: Causes of Corruption 1
Memory Errors: Causes of Corruption 2
Memory Errors: Stack Canaries
Memory Errors: ASLR
Memory Errors: Causes of Disclosure


Challenges

Write and execute shellcode to read the flag, but your inputted data is filtered before execution.

Write and execute shellcode to read the flag, but the inputted data cannot contain any form of system call bytes (syscall, sysenter, int). Can you defeat this?

Write and execute shellcode to read the flag, but the inputted data cannot contain any form of system call bytes (syscall, sysenter, int). This challenge adds an extra layer of difficulty!

Write and execute shellcode to read the flag, but all file descriptors (including stdin, stderr and stdout!) are closed.

Write and execute shellcode to read the flag, but you only get 18 bytes.

Write and execute shellcode to read the flag, but your input has data inserted into it before being executed.

Write and execute shellcode to read the flag, but your input is sorted before being executed!

Write and execute shellcode to read the flag, but your input is sorted before being executed and stdin is closed.

Write and execute shellcode to read the flag, but every byte in your input must be unique.

Write and execute shellcode to read the flag, but this time you only get 12 bytes!

Write and execute shellcode to read the flag, but this time you only get 6 bytes :)

Overflow a buffer and smash the stack to obtain the flag, but this time bypass a check designed to prevent you from doing so!

Overflow a buffer and smash the stack to obtain the flag, but this time bypass a check designed to prevent you from doing so!

Overflow a buffer and smash the stack to obtain the flag, but this time bypass another check designed to prevent you from doing so!

Overflow a buffer and smash the stack to obtain the flag, but this time bypass another check designed to prevent you from doing so!

Overflow a buffer and smash the stack to obtain the flag, but this time in a PIE binary with a stack canary. Be warned, this requires careful and clever payload construction!

Overflow a buffer and smash the stack to obtain the flag, but this time in a PIE binary with a stack canary. Be warned, this requires careful and clever payload construction!

Overflow a buffer and leak the flag. Be warned, this requires careful and clever payload construction!

Overflow a buffer and leak the flag. Be warned, this requires careful and clever payload construction!

Overflow a buffer and leak the flag. Be warned, this requires careful and clever payload construction!

Overflow a buffer and leak the flag. Be warned, this requires careful and clever payload construction!

Defeat a stack canary in a PIE binary by utilizing a bug left in the binary.

Defeat a stack canary in a PIE binary by utilizing a bug left in the binary.

Leak data left behind unintentionally by utilizing clever payload construction.

Leak data left behind unintentionally by utilizing clever payload construction.

Leak data left behind unintentionally to defeat a stack canary in a PIE binary.

Leak data left behind unintentionally to defeat a stack canary in a PIE binary.


30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.
