What does HackerNews think of MBE?

This criticism is largely irrelevant. Mitigations like ASLR are not a silver bullet, they are one layer of a defense-in-depth.

You can't hope to exploit an ASLR'd executable without first understanding how to exploit a non-ASLR'd executable. If you want to exploit modern systems, you need to peel back those mitigations one by one (if you're lucky you can jump over multiple layers at once, but not always).

Further, just because mitigations exist, it doesn't mean they're widely deployed. As a recent and prominent example, the Nintendo Switch bootrom was pwned through a classic stack-smash with shellcode-on-stack in ~2018 (or 2017, for those in-the-know).

That said, there are more modern resources available these days, I'm also a fan of https://github.com/RPISEC/MBE, which kinda speedruns you up to the state-of-the-art (although it too is getting kinda old at this point - but things haven't changed that radically since 2015)

There is an excellent pre-packaged VM with levels of challenges that take you through the basics of exploitation to quite advanced levels called "Modern Binary Exploitation" [0]. I would highly recommend it.

You can also do the challenges using IDA/Ghidra instead of looking at the source for a proper challenge and I recommend doing this initially for each challenge.

[0] https://github.com/RPISEC/MBE

There's a ton of info out there in various websites and blogs. I like the RPISEC Modern Binary Exploitation class as a great introduction. The lectures and materials (and a VM!) are on github: https://github.com/RPISEC/MBE