Lectures
Date | Topic | Discussions (do readings before class) |
01/12/24 | Introduction (slides-intro, slides-intro2) | |
01/19/24 | Assembly (slides, slides-binpatch) | x86 Assembly Guide Guide to x86-64 Linux VM Setup Linux System Calls |
01/26/24 | Shellcode (slides) | debug your shellcode |
02/02/24 | Linux Security (slides) | Ubuntu Security |
02/09/24 | Reverse Engineering (slides, ghidra) | Ghidra quickstart & tutorial: Solving a simple crackme |
02/16/24 | Control-flow hijack attacks (slides) | Smashing The Stack For Fun And Profit |
02/23/24 | Stack Canaries & ASLR (slides) | NOEXEC and StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks [USENIX Sec’98] |
03/01/24 | Return-oriented programming & Control-flow integrity (rop, cfi) | Advanced return-into-lib(c) exploits (PaX case study Control-flow integrity (link) [CCS’05] |
03/08/24 | Network Attacks (slides) LLM Attacks (slides) |
|
03/15/24 | Spring Break | no class |
03/22/24 | Web Security (slides) | Intro |
03/29/24 | Web Security (slides-js, slides-sqli) | JavaScript & SQL injections |
04/05/24 | Web Security (slides-pwd, slides-sessions) | Passwords & Sessions |
04/12/24 | HackPack CTF | Capture the Flag event for the class that is open to the public, join here |
04/19/24 | Web Security (slides-cors, slides-https) | Origins & HTTPS |