Aici sunt prezentate diferențele dintre versiunile selectate și versiunea curentă a paginii.
Both sides previous revision Versiuni anterioare Urmatoarea versiune | Versiuni anterioare | ||
studenti:summer-schools:security [2014/05/10 20:19] razvan.deaconescu [Location & Schedule] |
— (curent) | ||
---|---|---|---|
Linia 1: | Linia 1: | ||
- | = Security Summer School = | ||
- | |||
- | **From " | ||
- | |||
- | Proudly brought to you by [[http:// | ||
- | == Period == | ||
- | |||
- | 23rd of June - 10th of August 2014 | ||
- | |||
- | == Links == | ||
- | |||
- | * [[http:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[sss-contact@security.cs.pub.ro|E-mail contact address]] | ||
- | |||
- | == Summary == | ||
- | |||
- | The first edition of a new Security Summer School focused on Practical Software Exploitation will take place between June 23rd and August 10th 2014, at the Faculty of Automatic Control and Computers, University POLITEHNICA of Bucharest. Students will be go through an in-depth tour of what it means to discover, successfully exploit and patch a software vulnerability and develop the necessary skills and insights needed to embark on such an endeavor. | ||
- | |||
- | Activities will take place during two intensive training sessions per week as well as two Capture the Flag (CTF) contests that will be held mid-term and at the end of the summer school. The final CTF contest will be the highlight of the summer school and students will able to showcase the skills they have learned and be awarded prizes offered by Ixia. | ||
- | |||
- | == Application == | ||
- | |||
- | We welcome students to apply via [[http:// | ||
- | |||
- | Apart from filling out your CV, we want to see your h4x0r sk111z by solving set of three challenges. Please [[http:// | ||
- | |||
- | After May 25th we will organize a set of interviews to decide who will take place in the Security Summer School. | ||
- | |||
- | === Requirements === | ||
- | |||
- | We expect good programming skills and a fair knowledge of C programming language. Python and shell scripting skills are welcome. | ||
- | |||
- | More than anything we expect a proactive attitude, a love for challenges and " | ||
- | |||
- | == Location & Schedule == | ||
- | |||
- | The Security Summer School will take place in Faculty of Automatic Control and Computers, University POLITEHNICA of Bucharest, room EG106 (Ixia lab), first floor, EG wing. | ||
- | |||
- | Activities will take place twice a week: | ||
- | * Monday, 4pm-8pm | ||
- | * Thursday, 9am-1pm | ||
- | |||
- | Each session will be highly practical: a presentation of a set of basic concepts on slides follow by hands-on activities (tutorials and tasks). | ||
- | |||
- | The 9th-10th of August week-end is reserved for the final CTF contest and awards ceremony. | ||
- | == Syllabus == | ||
- | |||
- | # Introduction to the world of software exploitation | ||
- | ## Dissecting a real-life exploit | ||
- | ## Assembly Language Refresher | ||
- | ## Operating Systems Concepts Refresher | ||
- | ## Types of Security Exploits | ||
- | ## Vulnerability databases | ||
- | # Vulnerability Assessment | ||
- | ## Introduction to debugging on Windows (Immunity Debugger) (dynamic analysis) | ||
- | ## Introduction to disassemblers (IDA) (static analysis) | ||
- | # Vulnerability Discovery | ||
- | ## Fuzzing Methods | ||
- | ## Fuzzing Frameworks | ||
- | ## Fuzzing Examples | ||
- | # Weaponizing the vulnerability | ||
- | ## Exploit protection mechanisms & getting past them | ||
- | ## Shellcode | ||
- | ## Methods of inserting and calling the shellcode | ||
- | # Preventing vulnerabilities in your own code | ||
- | ## Code auditing | ||
- | ## Secure programming standards | ||
- | |||
- | == Team == | ||
- | |||
- | * Adrian Șendroiu | ||
- | * Dan Gioga | ||
- | * Dragoș Comăneci | ||
- | * Radu Caragea | ||
- | * Răzvan Crainea | ||
- | * Răzvan Deaconescu | ||
- | * Silviu Popescu | ||
- | * Tudor Azoiței | ||
- | |||
- | === Supporting members === | ||
- | |||
- | * Irina Preșa | ||
- | * Lucian Cojocar | ||
- | * Vlad Dumitrescu | ||