Lectures
| Date | Topic | Discussions (do readings before class) |
| 01/14 | Introduction (slides-intro, slides-whysec) | |
| 01/21 | Shellcode (slides) | x86 Assembly Guide Guide to x86-64 Linux VM Setup Linux System Calls |
| 01/28 | keynote at CCSC’22 - no class | |
| 02/04 | Linux Security (slides) | Ubuntu Security |
| 02/11 | Reverse Engineering (slides, tutorial) | Ghidra Black Hat’19 talk |
| 02/18 | Control-flow hijack attacks (slides) | Smashing The Stack For Fun And Profit (link) |
| 02/18 | Stack Canaries & ASLR (slides) | NOEXEC and StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks (link) [USENIX Sec’98] |
| 02/25 | Return-into-libc & ROP (slides) | Advanced return-into-lib(c) exploits (PaX case study) (link) |
| 03/11 | Web Security (slides) | Intro |
| 03/18 | spring break - no class | |
| 03/25 | Web Security (slides) | SQL Injections |
| 04/01 | Web Security (slides, slides) | HTML+JavaScript, XSS Attacks |
| 04/08 | HackPack CTF | Capture the Flag event for the class that is open to the public, join here |
| 04/15 | Web Security | AJAX & web frameworks |
| 04/22 | Web Security | Client-side Attacks & Isolation |