Modal content here…
In this module you will gain a deeper technical understanding of software vulnerabilities. We will cover a wide range of topics that build on your knowledge of digital security, to develop the skills necessary to discover and exploit vulnerabilities, and design and operate secure systems, software, and networks. In comparison to the modules you have previously completed, this module will further delve deep into software security and the technical details of various kinds of software vulnerabilities, and the secure software lifecycle and approaches to threat modelling, designing, and writing secure code.
The aim of this module is to develop your practical and theoretical experience of vulnerabilities and attack techniques; going to a much deeper depth than in previous modules – you will look to interact with vulnerable code (such as C code) to exploit software with an emphasis on analysis and coding to achieve this. To facilitate this, you will learn about the technical workings of a variety of security breaches, and the various tools, techniques, and development processes that can be used to detect vulnerabilities, exploit them to gain access, and mitigate security faults.
The practical labs cover a comprehensive range of topics related to software vulnerabilities and exploit development. The first two labs focus on understanding software vulnerabilities, ranging from basic concepts in programming errors to more complex issues like injection attacks, race conditions, and format string attacks. The third lab introduces bug hunting techniques, including fuzzing and static analysis, to uncover hidden security flaws. The next two labs delve into exploit development, with a focus on Windows stack-smashing buffer overflows and Linux buffer overflows. The final labs explore advanced topics, including bypassing the Non-Executable (NX) stack protection and Address Space Layout Randomization (ASLR) on Linux systems. Throughout these labs, you will gain hands-on experience in identifying, exploiting, and mitigating various software vulnerabilities.
Leeds Beckett University
Starts in about 2 months (at )
Sign up to view the challenges!