Application Security and Vulnerability Analysis

Top

Meta

References

Code Audits

Jared DeMott - Source Code Auditing
Interview with Vinnie Liu from Microsoft BlueHat 8
Real-world Code Review with Vinnie Liu from Microsoft BlueHat 8

Vulnerability Classes

Shatter Attack, Wikipedia
Setuid Demystified, Hao Chen, David Wagner, Drew Dean
Java Deserialization Flaws and Oracle's Secure Coding Guidelines

Example Vulnerabilities

Spot the Vuln, Billy Rios and Brett Hardin
xorl %eax, %eax
A Collection of Examples of 64-bit Errors in Real Programs

Creative Commons License

This work is licensed under a Creative Commons License.