Advanced Attacks and Defenses
Printed from http://andreaprovaglio.com. All rights reserved.
| Track: | Software Security |
| Platform: | Java Ruby Platform-agnostic |
| Days: | 5 |
| Code: | 903 |
| Author: | Andrea Cogliati |
An advanced, in-depth course on application attacks and defenses. Mainly intended for developers, it can help software architects improve the design of applications.
Description
The course begins describing possible attack patterns against software: threat modeling is a fundamental tool to plan vulnerability search in applications and identify best safeguard options.
Eventually, hacker techniques and tools for vulnerability search and exploit in open-source, commercial and remote applications are described and demonstrated: reverse engineering, decompiling, disassembling, input fuzzing, ...
Finally, specific methods to exploit server and client applications are shown.
About 60% of the time is on guided exercises.
Contents
- Insecure software motivations
- Attack patterns taxonomy
- Threat modeling
- Reverse engineering
- Decompiling and disassembling
- Input fuzzing
- Exploiting server applications
- Exploiting client applications
Skills you'll learn
- How to build a robust and secure application
- Identify software vulnerabilities
- Exploiting vulnerabilities
- Reverse engineering
Pre-requisites
To get the most out of this course, you should have attended the following courses or have equivalent practical experience:
Notes
A rudimentary knowledge of a modern operating system, assembly language and C language is recommended
For additional information, please contact us.
