Security: For Hackers and Developers, is designed for practitioners to learn about the tools and techniques used to find bugs in real world software.  This class is great for anyone in software, testing, or hacking, but is probably at its very best for teams working with C/C++ (code or binaries).

Day 1: Security Strategy, Code Auditing, and Fuzzing

We begin the class with a brief strategy discussion like the one here on Pluralsight – Security for Hackers and Developers: Overview

Understanding how and when to audit source code is key for both developers and hackers.  Students learn to zero in on the important components.  Automated tools are mentioned, but auditing source manually is the focus, since verifying results is a required skill even when using automated tools.  Spotting and fixing bugs is the focus.

Fuzzing is a runtime method for weeding out bugs in software.  It is used by a growing number of product and security organizations.  Techniques such as dumb file fuzzing, all the way up to distributed fuzzing, will be covered.  Students will write and use various fuzzers.

Day 2: Reverse Engineering and Exploitation

Students focus on learning to reverse compiled software written in C and C++, though half-compiled code is mentioned as well.  The IDA pro tool is taught and used throughout.  Calling conventions, C to assembly, identifying and creating structures, RTTI reconstruction are covered. Students will also see IDA’s more advanced features such as flirt/flare, scripting, and plug-ins.

Students will walk out of this class knowing how to find and exploit bugs in software.  This is useful to both developers and hackers.  The exploit component will teach common bug type such as: stack overflow, function pointer overwrite, heap overflow, off-by-one, integer error, uninitialized variable, use-after-free, double fetch, and more.  For the exploits, return overwrites, heap spraying, ROP and gadget discovery, etc.  Shellcode creation/pitfalls and other tips and tricks will all be rolled into the exciting, final component.