Learn how to find vulnerabilities and exploit them to gain control of target systems, including Linux, Windows, Mac, and Cisco. This class covers how to write tools, not just how to use them; essential skills for advanced penetration testers and software security professionals.
Advisory: CS 110A or equivalent familiarity with programming
Upon successful completion of this course, the student will be able to:
- Read and write basic assembly code routines
- Read and write basic C programs
- Recognize C constructs in assembly
- Find stack overflow vulnerabilities and exploit them
- Create local privilege escalation exploits
- Understand Linux shellcode and be able to write your own
- Understand format string vulnerabilities and exploit them
- Understand heap overflows and exploit them
- Explain essential Windows features and their weaknesses, including DCOM and DCE-RPC
- Understand Windows shells and how to write them
- Explain various Windows overflows and exploit them
- Evade filters and other Windows defenses
- Find vulnerabilities in Mac OS X and exploit them
- Find vulnerabilities in Cisco IOS and exploit them