Linux Heap Overflow Exploitation
The heap is the part of the virtual address space where an application dynamically allocates memory during execution. A heap overflow is a type of buffer overflow, but in contrast to a stack-based overflow, a heap-based overflow is performed by corrupting dynamically allocated memory in order to change the behavior of a program.
In this thesis, a variety of techniques for exploiting heap-based overflows, as well as the implementation of dynamic memory allocation, will be explored in order to gain a better understanding of how exploitation is possible. The different types of mitigations will also be analyzed, along with how some of them may be bypassed. In addition, known heap overflow vulnerabilities in software will be investigated.