Secure Software Development

In this course we will learn how to develop secure software. The topics and schedule is as follows:

Week #1: The philosophy and principles of secure programming.

Weeks #2 to #7: Identifying Security Vulnerabilities in C/C++, reverse engineering, stack overflow, ASLR, DEP, Canary, Return-to-libc, ROP, heap overflow, format string.

Weeks #8 to #12: Identifying Security Vulnerabilities in Web Applications, Web Applications Architecture, Command Execution, LFI, RFI, SQLI, XSS, CSRF, BruteForce.

Weeks #13 and #14: Identifying Security Vulnerabilities in Mobile Applications (Android), APK reverse Engineering, insecure data storage, Webview vulns., Android intents and relevant vulns, Hardcoding issues, C vulns. in Android apps.

Week #15: Security Software Development, Building Security during Software Development, Robust Software.

Week #16 and #17: Security Analysis, White-box Analysis, Black-box Analysis, Fuzzing method, Introduction to some popular Test Frameworks for C/C++, Web and Android Applications.