Application Security: For Hackers and Developers Course
Offered throughout the Year at various conferences or on demand. The above whitepaper gives you a quick idea of the types of things you'll learn.
There are four technical skills required by security researchers, software quality assurance engineers, or developers concerned about security: Source code auditing, fuzzing, reverse engineering, and exploitation. All these skills and more are covered in a new and exciting Crucial Security/Harris course developed by principal security researcher Jared DeMott. C/C++ code has been plagued by security errors resulting from memory corruption for a long time. Problematic code is discussed and searched for in lectures and labs. Web auditing is covered using WebGoat. Fuzzing is a topic book author DeMott knows about well. Mutation file fuzzing and framework definition construction (Sulley and Peach) are just some of the lecture and lab topics. When it comes to reversing C/C++ (Java and others are briefly discussed) IDA pro is the tool of choice. Deep usage of this tool is covered in lecture and lab. Exploitation discussions and labs are the final component. You will enjoy exploiting BSD local programs to Vista browsers using the latest techniques.