W. Owen Redwood profesor de la Universidad del Estado de Florida ha publicado el material de la clase que imparte junto a Prof. Xiuwen Liu sobre seguridad ofensiva.
La clase está programada para ser impartida en 15 semanas de la siguiente forma:
Week 1 (Intro / Overview) Lecture 1: Intro, Ethics, & Overview Lecture 2: Linux Overview Week 2 (Overview / Code Auditing) Lecture 3: Windows Overview Lecture 4: Rootkits; Code Auditing Week 3 (Reverse Engineering Workshop Week) Lecture 5: x86 Reverse engineering Lecture 6: x86 Reverse engineering 2 Week 4 (Exploit Development) Lecture 7: Fuzzing and Exploit Development 101 Lecture 8: Shellcode and Exploit Development 102 Week 5 (Exploit Dev / Networking) Lecture 9: Exploit Development 103: SEH Exploitation, Heap Sprays, and Executable Security Mechanisms Lecture 10: Networking 101: Data Layer, Link Layer, and IP layer Week 6 (Networking / Web Application Hacking) Lecture 11: Networking 102: TCP layer, Important Protocols, Services, Portscanning, ARP Lecture 12: Web application Hacking 101 Week 7 (Web Application Hacking) Lecture 13: Web Application Hacking 102: Big picture of topics so far, SQLi, XSS Lecture 14: Web Application Hacking 103: SSL attacks, advanced techniques Week 8 (Web Application Hacking / Exploit dev) Lecture 15: Web Application Hacking 104 & Exploit Development 104 Lecture 16: Midterm review & Exploit Development 105 (ROP) Week 9: (Special Topics) Lecture 17: The Modern History of Cyber Warfare Lecture 18: Social Engineering Week 10 (Metaspl0it): Lecture 19: Metasploit Week 11 (Post Exploitation and Forensics): Lecture 20: Meterpreter and Post Exploitation Lecture 21: Volatility and Incident Response: Week 12 (Physical Security): Lecture 22: Physical Security Workshop: Lockpicking, USB mischief, and BacNET/SCADA system security Week 13 (Malware / Student Presentations): Lecture 23: Advanced Malware Techniques Week 14-15 (Student Presentations) Algunas de las sesiones no contienen vídeo según parece por problemas técnicos, pero los recursos y las diapositivas están disponibles a excepción de la sesión sobre malware.
Leer más