Syllabus
This course teaches students the fundamental technical skills required to identify, analyze, and exploit software vulnerabilities, focusing on application-level issues. The course is taught with the help of some very talented guest professors whose topics are listed below:
- Introduction, Dan Guido
- Source Code Auditing, Brandon Edwards
- Reversing for Vulnerability Analysis, Aaron Portnoy
- Memory Corruption, Dino Dai Zovi
- Fuzzing, Mike Zusman
- Client-side attacks and Post-Exploitation, Dean De Beer
- Webapp Exploitation, Joe Hemler
This course is unique in that different guest professors come to teach each semester, adding their individual specialization and experience to their lectures. Previous guest lecturers have included:
- Reverse Code Engineering, Stephen A. Ridley
- Reverver Engineering Seminar, Alex Sotirov
- Web Hacking, Erik Cabetas
All communication for the course is done through a class mailing list, which students are required to sign up to and participate in discussions on.
The textbook for this course is Gray Hat Hacking, Second Edition. In addition to the textbook, PDFs and other material is regularly provided as the semester progresses.
Students have to complete one homework assignment every week, a take-home midterm, and do a final project of their choosing. If I am notified prior, they are allowed to submit 2 homeworks up to 1 week late.
Grading for the course will be determined by:
- 15% - Discussions (on the mailing list)
- 35% - Homeworks
- 15% - Midterm
- 35% - Final Project/Paper
Extra credit is given for any (legal) application of class material outside of the class. Just bring it in and show me!
If you have any questions about the course, about assignments, or about the course material, feel free to e-mail at dguido@gmail.com
