Cada vez son más las universidades que están publicando el material de sus clases. Ya publicamos la semana pasada sobre un Curso sobre seguridad ofensiva por la Universidad del Estado de Florida. Ahora la Universidad de Texas en Dallas es la que ha publicado el material de su curso titulado System Security and Binary Code Analysis.
En éste se cubren los siguientes temas:
- Memory exploits (buffer overflows, format strings, integer overflows, etc. Creación de shellcodes usando técnicas ROP y HeapSpray).
- OS Kernel Internals (comportamiento de un programa cuando es ejecutado por el sistema operativo. Conceptos de la memoria virtual in traducción a memoria física, etc. Cubren el núcleo de Linux y Windows).
- Linker and Loader Internals (enlazado dinámico de un programa y como aprovecharse del mismo).
- Kernel-level Defense (mecanismos de defensa ASR, DEP y NX-bits).
- User-level Defense.
- Binary code reverse engineering (análisis dinámico y estático, flujo de control, malware, etc).
| Course Overview | Instructor | [pdf] [handout] | |||
| System and Software Security Foundations: Understanding Binary Code Analysis | |||||
|---|---|---|---|---|---|
| Binary Code/Data Representation | Instructor | [pdf] [handout] | |||
| Program Representation | Instructor | [pdf] [handout] | |||
| Dynamic Binary Instrumentation (PIN, Valgrind, Qemu) | Instructor | [pdf] [handout] | |||
| Principles of Program Analysis | Instructor | [pdf] [handout] | |||
| Guest Lecture: Recent Cyber Attacks and Implications | Jon Shapiro | [pdf] | |||
| Guest Lecture: Web Vulnerability (SQL injection, Cross-site scripting) Analysis | Duong Ngo | N/A | |||
| Design and Implementation of a Data Flow Analysis (taint analysis) | Instructor | [pdf] [handout] | |||
| System and Software Security Foundations: Understanding the OS Kernel | |||||
| Understanding the OS Architecture and Linux History | Instructor | [pdf] [handout] | |||
| An Overview of Linux and Windows Kernel | Instructor | [pdf] [handout] | |||
| Process Management | Instructor | [pdf] [handout] | |||
| Virtual Memory (I) | Instructor | [pdf] [handout] | |||
| Virtual Memory (II) | Instructor | [pdf] [handout] | |||
| File System (I) | Instructor | [pdf] [handout] | |||
| File System (II) | Instructor | [pdf] [handout] | |||
| System and Software Security Foundations: Beyond OS Kernel | |||||
| Revealing Internals of Executable File Format | Instructor | [pdf] [handout] | |||
| Revealing Internals of Compiler (gcc) | Instructor | [pdf] [handout] | |||
| Revealing Internals of Linker (ld) | Instructor | [pdf] [handout] | |||
| Revealing Internals of Loader (ld-linux.so) | Instructor | [pdf] [handout] | |||
| System and Software Security: Techniques, Tools, and Applications | |||||
| Library Interposition | Instructor | [pdf] [handout] | |||
| Virtual Machine Monitor (QEMU/VirtualBox/Xen/KVM) | Instructor | [pdf] [handout] | |||
| Symbolic Execution and Whitebox Fuzzing | Instructor | [pdf] [handout] | |||
| Exploits: Buffer Overflows, Heap Overflow, Integer Overflow | Instructor | [pdf] [handout] | |||
| Robust Exploits: ROP shellcode, Heap Spray | Instructor | [pdf] [handout] | |||
| Fighting for Malware: Unpack, Disassemble, Decompile | Instructor | [pdf] [handout] | |||
| Binary Code Reusing | Instructor | [pdf] [handout] | |||
También podemos acceder a las presentaciones de los alumnos así como a la lista de dichos documentos (muchos de ellos bastante conocidos):