In this course we will learn how to develop secure software. The topics and schedule is as follows:
Week #1: The philosophy and principles of secure programming.
Weeks #2 to #7: Identifying Security Vulnerabilities in C/C++, reverse engineering, stack overflow, ASLR, DEP, Canary, Return-to-libc, ROP, heap overflow, format string.
Weeks #8 to #12: Identifying Security Vulnerabilities in Web Applications, Web Applications Architecture, Command Execution, LFI, RFI, SQLI, XSS, CSRF, BruteForce.
Weeks #13 and #14: Identifying Security Vulnerabilities in Mobile Applications (Android), APK reverse Engineering, insecure data storage, Webview vulns., Android intents and relevant vulns, Hardcoding issues, C vulns. in Android apps.
Week #15: Security Software Development, Building Security during Software Development, Robust Software.
Week #16 and #17: Security Analysis, White-box Analysis, Black-box Analysis, Fuzzing method, Introduction to some popular Test Frameworks for C/C++, Web and Android Applications.