GITBOOK-4292: change request with no subject merged in GitBook

This commit is contained in:
CPol 2024-04-01 08:41:54 +00:00 committed by gitbook-bot
parent 7dc401a472
commit cf54f4e918
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
2 changed files with 3 additions and 0 deletions


@ -87,6 +87,8 @@ The previous data is for 32-bit systems and the reduced final entropy makes poss
#### Brute-force ideas:
* If you have a big enough overflow to host a **big NOP sled before the shellcode**, you could just brute-force addresses in the stack until the flow **jumps over some part of the NOP sled**.
* Another option for this in case the overflow is not that big and the exploit can be run locally is possible to **add the NOP sled and shellcode in an environment variable**.
* If the exploit is local, you can try to brute-force the base address of libc (useful for 32bit systems):
```python
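Review bot: the second added line opens a ```python fence but nothing in this hunk closes it, so the snippet the new bullet promises ("brute-force the base address of libc") is either pre-existing text below the hunk or still missing; confirm that the lines following the fence are the intended libc-base loop and that they do not already begin with their own opening fence, which would leave a stray fence in the rendered page. Two smaller points on the new bullet: write "32-bit" to match "32-bit systems" in the hunk's own context line, and since this brute-force only pays off because of the reduced entropy that context line refers to, say so in the bullet (one guess per run of the target, re-launching it after each wrong guess) so readers do not attempt it against a 64-bit target.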


@ -27,6 +27,7 @@ Or you can use this for your exploit, if you leak that an address is located at
In order to bypass PIE it's needed to **leak some address of the loaded** binary, there are some options for this:
* **Disabled ASLR**: If ASLR is disabled a binary compiled with PIE is always **going to be loaded in the same address**, therefore **PIE is going to be useless** as the addresses of the objects are always going to be in the same place.
* Be **given** the leak (common in easy CTF challenges, [**check this example**](https://ir0nstone.gitbook.io/notes/types/stack/pie/pie-exploit))
* **Brute-force EBP and EIP values** in the stack until you leak the correct ones:
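Review bot: the added bullet ends with a colon and the hunk shows nothing after it, so the example it introduces is either already below the hunk or was never added; check the rendered page. It also needs one sentence of documentation: guessing saved EBP/EIP values off the stack only "leaks" anything when the guessed value stays the same across attempts (a forking service whose children keep the parent's layout, or a local target whose base does not change between runs), otherwise each failed guess is against a different address. The register names pin the bullet to 32-bit; say so, or mention RBP/RIP alongside, since the surrounding text is about PIE in general.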