Home  
Info about facilities etc.SeminarsCourse SchedulesCourse registration  
    Security Services  
     
 

 

Program PrinciplesReverse EngineeringBufferOverflowsNetwork Security FundamentalsTCPIP Procotol AnalysisMalicious Code AnalysisEthical Hacking

 

ITS Forensics

The material will be an introduction to the Incident Handling process and techniques to support the forensic analysis. Students will leave the seminar with a comprehensive plan to implement response procedures as well as the ability to identify incidents for their respective organizations.

Secure Programming

This talk will review the causes of the most prevalent security issues found in software today along with means of addressing the risk though the design and development cycle. Technology-based solutions for these issues will be reviewed along with axioms for secure programming to be used as an underlying theme for all design and development. Live examples will be presented to reinforce the theory and clearly demonstrate the advantages of the technology-based solutions.

IE Exploitation Demonstration

"Common Methods of Client-Side Exploitation and Threat Mitigation"

Though perimeter protection can effectively mitigate the external threats of service-based exploitation, the same strategies are not always effective against client-side exploitation targeting user's workstations. Moreover, even the use of personal firewalls on each desktop is not always sufficient.

This talk will cover the common methods that have been used for exploiting client-side applications such as web browsers, email clients and media players and the goals of exploitation. A short exploit demonstration of a known web browser vulnerability will server to reinforce the theory. We will then review the manner in which these risks can be mitigated through configuration changes and the use of custom security domains along with their associated costs.

Honey Pots

"Like Flies to Honey: A review of honeypots, the technology and role"

This talk will address the role of a honeypot as an effective defensive tool to better understand your threat environment and the common tools and techniques employed by attackers. We will review existing public domain and commercial honeypot technology, including components that can be integrated to build a "homegrown honeypot". Issues surrounding the development, deployment and monitoring of your honeypot will be discussed to maximize the benefit to the study plus protect your organization from any potential side-effects.

Hackertools and Techniques

This talk will cover the methodology used by many attackers and worms that propagate through various exploitation vectors. First profiling activities and tools will be discussed along with the information that can be obtained. Next, different strategies for exploitation will be compared based upon the result of the profiling information followed by system compromise. We'll then close off by discussing the next steps an attacker may take to gather further information or erase their tracks. Each step will be demonstrated along with tools and interpretation of their output.

Attendees will leave the talk with an appreciation of the risks their organizations face and the types of tools used by malicious individuals.

Buffer Overflow Tuturial

"Windows Buffer Overflow Exploitation: Methodology, Tools and Techniques"

Many talks on buffer overflows focus on their root cause and means of mitigating the risk during the development process. Instead, we will present attendees with an introduction to the methodology and tools commonly used to find buffer overflows in Windows executables along with some of the techniques attackers used to develop robust exploit code. The goal is to provide those security professionals involved in Vulnerability Research, Penetration Testing, Application Security Reviews and Incident Response with the analytic ammunition to understand overflows and exploit tools at a very detailed level.

The tutorial will begin with an introduction to Win32 system internals including process and memory architecture. We'll then review the tools we'll be using for reverse engineering the executables under analysis and demonstrate them through some simple toy problems. Finally we'll discuss Windows overflows and the methods an attacker will use to analyze them plus operational considerations when developing overflow eggs and exploit software. A simple Windows stack based overflow will be used as an example to carry throughout these discussions.

The workshop will build upon the topics discussed during the tutorial to analyze the WebDAV. based NTDLL overflow. We will start by assuming very little knowledge of the vulnerability and demonstrate how we identify the parameters of the overflow, the root cause and then proceed to develop an exploit. Development of the exploit tool will also touch upon tricks that can be used to handle application-level encoding and UNICODE issues.

  
 
     

Please refer to the Schedule/Fees for dates of availability