The question this course posed was ‘Can we teach a bunch of programmers how to pwn?’
Course website: http://ift.tt/1B6Lkho
Cybersecurity is one of the fastest growing fields in computer science, though its study is rarely covered in academia due to its rapid pace of development and its technical specificity. Modern Binary Exploitation will focus on teaching practical offensive security skills in binary exploitation and reverse engineering. Through a combination of interactive lectures, hands on labs, and guest speakers from industry, the course will offer students a rare opportunity to explore some of the most technically involved and fascinating subjects in the rapidly evolving field of security.
The course will start off by covering basic x86 reverse engineering, vulnerability analysis, and classical forms of Linux-based userland binary exploitation. It will then transition into protections found on modern systems (Canaries, DEP, ASLR, RELRO, Fortify Source, etc) and the techniques used to defeat them. Time permitting, the course will also cover other subjects in exploitation including kernel-land and Windows based exploitation.
This course carried a prereq of Computer Organization – CSCI 2500 at RPI. Computer Organization is RPI’s basic computer architecture course that teaches things like C, MIPS assembly, x86 assembly, Datapaths, CPU Pipelining, CPU Caching, Memory Mapping, etc.
Our expected demographic for Modern Binary Exploitation was students with zero reverse engineering or binary exploitation knowledge. That said, to be able to take this course you will probably need at least the following skills.
Working knowledge of C/C++
Any assembly level experience
Basic Linux command line experience
git clone http://ift.tt/2tnJgHn
This repository contains the materials as developed and used by RPISEC to teach Modern Binary Exploitation at Rensselaer Polytechnic Institute in Spring 2015. This was a university course developed and run solely by students to teach skills in vulnerability research, reverse engineering, and binary exploitation.
The post Modern Binary Exploitation Course appeared first on Penetration Testing.