Sumários

Software Attacks

28 Setembro 2015, 15:00 Naercio David Pedro Magaia

Exploit C language buffer overflow vulnerabilities


Network Security

28 Setembro 2015, 12:00 Miguel Filipe Leitão Pardal

Network Security Architecture

  • Passive and active attacks
  • Secure channel and gatekeeper abstractions

Network Security Vulnerabilities

  • Attacks and the OSI stack
  • Routing overview
  • Physical layer vulnerabilities
  • Data link layer vulnerabilities
    • ARP poisoning
    • MAC flooding



Software Attacks

28 Setembro 2015, 10:30 Naercio David Pedro Magaia

Exploit C language buffer overflow vulnerabilities


Design of Secure Applications

24 Setembro 2015, 11:00 Miguel Filipe Leitão Pardal

Threat modeling:

  • Application decomposition using data-flow diagrams.
  • Threat identification with the STRIDE model.
  • Threat representation with threat trees.
  • Threat assessment with the DREAD model.

Penetration testing and input mutation.



Software Attacks

21 Setembro 2015, 15:00 Naercio David Pedro Magaia

Perform Cross-Site Scripting (XSS) and SQL Injection attacks