Lectures
01/06/25 | Introduction (slides-intro, slides-intro2) | |
01/08/25 | Assembly intro (slides) | x86 Assembly Guide Guide to x86-64 |
01/13/25 | Assembly writing (slides-binpatch) | Linux VM Setup Linux System Calls |
01/15/25 | Shellcode (slides) | debug your shellcode |
01/20/25 | No class - University closed | |
01/22/25 | No class - University closed | |
01/27/25 | Writing shellcode (hands-on) | shellcode development guide |
01/29/25 | Linux Security 1/2 (slides) | Ubuntu Security |
02/03/25 | Linux Security 2/2 | |
02/05/25 | Reverse Engineering 1/2 (slides) | Ghidra quickstart & tutorial: Solving a simple crackme |
02/10/25 | Reverse Engineering 2/2 | |
02/12/25 | Control-flow hijack attacks (slides) | Smashing The Stack For Fun And Profit |
02/17/25 | Stack Canaries & ASLR (slides) | NOEXEC and StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks [USENIX Sec’98] |
02/19/25 | No class - University closed | |
02/24/25 | Return-oriented programming (rop | Advanced return-into-lib(c) exploits (PaX case study) |
02/26/25 | No class | Check out some NDSS papers |
03/03/25 | Control-flow integrity cfi | Control-flow integrity (link) |
03/05/25 | Control-flow integrity | (continued) |
03/10/25 | No class - Spring Break | |
03/12/25 | No class - Spring Break | |
03/17/25 | Web Security (slides) | Intro |
03/19/25 | Web Security | Intro (continued) |
03/24/25 | Web Security (slides-js) | JavaScript |
03/26/25 | Web Security (slides-sqli) | SQL injections |
03/31/25 | Web Security (slides-pwd) | Passwords |
04/02/25 | Web Security (slides-sessions) | Sessions |