Lectures
| Date | Topic | Discussions (do readings before class) |
| 01/12/24 | Introduction (slides-intro, slides-intro2) | |
| 01/19/24 | Assembly (slides, slides-binpatch) | x86 Assembly Guide Guide to x86-64 Linux VM Setup Linux System Calls |
| 01/26/24 | Shellcode (slides) | debug your shellcode |
| 02/02/24 | Linux Security (slides) | Ubuntu Security |
| 02/09/24 | Reverse Engineering (slides, ghidra) | Ghidra quickstart & tutorial: Solving a simple crackme |
| 02/16/24 | Control-flow hijack attacks (slides) | Smashing The Stack For Fun And Profit |
| 02/23/24 | Stack Canaries & ASLR (slides) | NOEXEC and StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks [USENIX Sec’98] |
| 03/01/24 | Return-oriented programming & Control-flow integrity (rop, cfi) | Advanced return-into-lib(c) exploits (PaX case study Control-flow integrity (link) [CCS’05] |
| 03/08/24 | Network Attacks (slides) LLM Attacks (slides) |
|
| 03/15/24 | Spring Break | no class |
| 03/22/24 | Web Security (slides) | Intro |
| 03/29/24 | Web Security (slides-js, slides-sqli) | JavaScript & SQL injections |
| 04/05/24 | Web Security (slides-pwd, slides-sessions) | Passwords & Sessions |
| 04/12/24 | HackPack CTF | Capture the Flag event for the class that is open to the public, join here |
| 04/19/24 | Web Security (slides-cors, slides-https) | Origins & HTTPS |