FenixEdu™

Sumários

Secure development processes, threat modeling

1 outubro 2019, 15:30 • Miguel Filipe Leitão Pardal

Secure software development processes: waterfall and agile.

Secure design recommendations.

Threat modeling: decomposition, identification, classification, elimination.

DFD, STRIDE, DREAD.

Software Attacks (Continuation)

1 outubro 2019, 14:00 • Pedro Adão

Exploit C language buffer overflow vulnerabilities:

1) Buffer overflows
2) Shellcode injection
3) Shellcode injection using environment variable
4) Format string vulnerabilities

Binary code vulnerabilities

30 setembro 2019, 15:00 • Nuno Miguel da Silva Sabino

Buffer overflows

Format string vulnerabilities

GDB

Binary code vulnerabilities

30 setembro 2019, 10:30 • Nuno Miguel da Silva Sabino

Buffer overflows

Format string vulnerabilities

GDB

XSS e SQL lab

27 setembro 2019, 14:00 • Nuno Miguel da Silva Sabino

Cross-site scripting e SQL injection lab.

Web vulnerabilities

Segurança Informática em Redes e Sistemas

Sumários

Secure development processes, threat modeling

Software Attacks (Continuation)

Binary code vulnerabilities

Binary code vulnerabilities

XSS e SQL lab