Unelte utilizator
Sidebar
studenti:summer-schools:security
Aceasta e o versiune anterioară a paginii.
= Ixia Summer School on Practical Software Exploitation =
Period
23 June - 8 August 2014
Website
Summary
The first edition of a new Security Summer School focused on Practical Software Exploitation will take place between June 23rd and August 9th 2014, at University POLITEHNICA of Bucharest. Students will be submitted through a hands-on experience of what it means to discover, successfully exploit and patch a software vulnerability and develop the necessary skills and insights needed to embark on such an endeavor. The school programe will consist of two intensive training sessions per week as well as two Capture the Flag (CTF) competitions held mid-term and at the end of the summer school in which students will be able to showcase the skills they’ve learned. Both competitions will also boast prizes offered by Ixia.
Application
The selection is done based on a practical systems programming test as well as a submitted CVs & letter of intent in case of ties.
The internships are available on http://stagiipebune.ro. Please use this platform to submit your CV & letter of intent.
Location & Schedule
Computer Science & Engineering Department, Faculty of Automatic Control and Computers, University POLITEHNICA of Bucharest, Room EG106, First Floor, EG Wing
Proposed Agenda
Two 4 hour sessions/week. The days of the week in which the sessions will be held will be established based on the availability of both students and the course instructors at the start of the summer school.
* Session program: 10AM-12PM / 1 - 3PM * Lunch Break: 12-1PM
Syllabus
# Introduction to the world of software exploitation ## Dissecting a real-life exploit ## Assembly Language Refresher ## Operating Systems Concepts Refresher ## Types of Security Exploits ## Vulnerability databases # Vulnerability Assessment ## Introduction to debugging on Windows (Immunity Debugger) (dynamic analysis) ## Introduction to disassemblers (IDA) (static analysis) # Vulnerability Discovery ## Fuzzing Methods ## Fuzzing Frameworks ## Fuzzing Examples # Weaponizing the vulnerability ## Exploit protection mechanisms & getting past them ## Shellcode ## Methods of inserting and calling the shellcode # Preventing vulnerabilities in your own code ## Code auditing ## Secure programming standards
Team
* Adrian Șendroiu * Dan Gioga * Dragoș Comăneci * Radu Caragea * Răzvan Crainea * Răzvan Deaconescu * Silviu Popescu * Tudor Azoiței
Supporting members
* Irina Preșa * Lucian Cojocar * Vlad Dumitrescu
studenti/summer-schools/security.1399740661.txt.gz · Ultima modificare: 2014/05/10 19:51 de către razvan.deaconescu
