Wednesday, September 23, 2009

Application Security: For Hackers and Developers


There are four technical skills required by security researchers, software quality assurance engineers, or developers concerned about security: Source code auditing,fuzzing, reverse engineering,and exploitation. All these skills and more are covered. C/C++ code has been plagued by security errors
resulting from memory corruption for a long time. Problematic code is discussed and searched for in lectures and labs. Web auditing is covered using WebGoat. Fuzzing is a topic book author DeMott knows about well. Mutation file fuzzing and framework definition construction (Sulley and Peach) are just some of the lecture and lab topics. When it comes to reversing C/C++ (Java and others are briefly discussed) IDA pro is the tool of choice. Deep usage of this tool is covered in lecture and lab. Exploitation discussions and labs are the exciting final component. You’ll enjoy exploiting BSD local programs to Vista browsers using the latest techniques.

Download PDF

No comments: