Notes Index for Secure Software

Intro to Secure Software Design:

Preamble: Why I'm teaching x86 in Secure Software Design

PWN rigs, a few options for reversing stuff

Mastery Goal A:

Learn just enough C to compile an executable that does some basic stuff

Mastery Goal B:

Learn enough x86 to see the C

Never used: C basics, compiling, loops, etc.

Adjusted notes class 2: C as ASM++, intro to reversing

https://pwnwizard.com/

Intro to x86, Framework of all exploits, First crackmes

Radare2 101

Crackmes!

Mastery Goal C:

Calling Conventions!

Extra Notes: Calling Conventions and Parameters

Mastery Goal D:

pwntools and our first buffer overflows

Quick notes on the CANARY

Mastery Goal E:

Intro to shellcode

Mastery Goal F:

Intro to ROP chains

Get a couple years of scholarships in exchange for taking a job with the gov't

32-bit ROP chains with arguments

Mastery Goal H:

ret2libc

Mastery Goal G:

PLT/GOT for linking and random address hacks

Mastery Task J:

Format String Vulnerability for Leaks and Write-What-Where

Live Demo of the STEALERS problem

THE HEAP PARTS:

Master gdb with pwndbg and learn the fundamentals of the heap

Intro to heap, MOM'S SPAGHETTI, HEAP REFERENCE GUIDES