Unelte utilizator
Sidebar
studenti:summer-schools:security
Aceasta e o versiune anterioară a paginii.
= Security Summer School =
From „Voodoo“ to „You Do“ via hex and fun.
Proudly brought to you by ACS, Ixia and Hexcellents.
Period
23rd of June - 10th of August 2014
Links
Summary
The first edition of a new Security Summer School focused on Practical Software Exploitation will take place between June 23rd and August 10th 2014, at the Faculty of Automatic Control and Computers, University POLITEHNICA of Bucharest. Students will be go through an in-depth tour of what it means to discover, successfully exploit and patch a software vulnerability and develop the necessary skills and insights needed to embark on such an endeavor.
Activities will take place during two intensive training sessions per week as well as two Capture the Flag (CTF) contests that will be held mid-term and at the end of the summer school. The final CTF contest will be the highlight of the summer school and students will able to showcase the skills they have learned and be awarded prizes offered by Ixia.
Application
We welcome students to apply via Stagii pe Bune. Choose „Security Summer School“ under the „Summer Schools“ heading, for the company „Facultatea de Automatica si Calculatoare, UPB“.
Apart from filling out your CV, we want to see your h4x0r sk111z by solving set of three challenges. Please download the challenge tasks, go through the README and then submit your solution on this Google form; you may edit your submission if you forget something during the first try. The deadline for submitting your answers is Sunday, May 25th.
After May 25th we will organize a set of interviews to decide who will take place in the Security Summer School.
Requirements
We expect good programming skills and a fair knowledge of C programming language. Python and shell scripting skills are welcome.
More than anything we expect a proactive attitude, a love for challenges and „tinkering“ and the interest in security and hacking.
Location & Schedule
The Security Summer School will take place in Faculty of Automatic Control and Computers, University POLITEHNICA of Bucharest, room EG106 (Ixia lab), first floor, EG wing.
Activities will take place twice a week:
- Monday, 4pm-8pm
- Thursday, 9am-1pm
Each session will be highly practical: a presentation of a set of basic concepts on slides follow by hands-on activities (tutorials and tasks).
The 9th-10th of August week-end is reserved for the final CTF contest and awards ceremony.
Syllabus
# Introduction to the world of software exploitation ## Dissecting a real-life exploit ## Assembly Language Refresher ## Operating Systems Concepts Refresher ## Types of Security Exploits ## Vulnerability databases # Vulnerability Assessment ## Introduction to debugging on Windows (Immunity Debugger) (dynamic analysis) ## Introduction to disassemblers (IDA) (static analysis) # Vulnerability Discovery ## Fuzzing Methods ## Fuzzing Frameworks ## Fuzzing Examples # Weaponizing the vulnerability ## Exploit protection mechanisms & getting past them ## Shellcode ## Methods of inserting and calling the shellcode # Preventing vulnerabilities in your own code ## Code auditing ## Secure programming standards
Team
* Adrian Șendroiu * Dan Gioga * Dragoș Comăneci * Radu Caragea * Răzvan Crainea * Răzvan Deaconescu * Silviu Popescu * Tudor Azoiței
Supporting members
* Irina Preșa * Lucian Cojocar * Vlad Dumitrescu
studenti/summer-schools/security.1399742369.txt.gz · Ultima modificare: 2014/05/10 20:19 de către razvan.deaconescu
