GithubHelp home page GithubHelp logo

mms's Introduction

Modern Memory Safety: C/C++ Vulnerability Discovery, Exploitation, Hardening

History

This repo contains the slides for a training course originally developed in 2012. It has been delivered to many students since its creation. It's sold out at the Black Hat USA conference several years in a row. The content has gone through many iterations based on feedback from those classes. The original training focused mainly on browser vulnerability discovery and exploitation. This latest version still focuses on that but also covers more topics such as custom memory allocators, hardening concepts, and exploitation at a high level.

Future

This training would not have been possible without open source projects to study, or freely available texts from the security community. In fact, the security community is one of the best proponents of open source. I want to help continue that trend.

We all know a technical training course isn't about the slides. It's about hands on interaction with tech, discussion with fellow students and the instructor. The instructors experience with the topic is also very important. So these slides are only a piece of the experience of taking the course. So one of the best contributions you can make to this repo is notes and talking points for each slide. I have created a directory in this repo specifically for that. Pull requests for notes will be reviewed and accepted as often as possible.

Errata

Despite years of tweaking and updates, there will be mistakes in these slides. They were recently exported from Keynote and it took awhile to get the formatting back. There will also be technical mistakes that may need to be fixed. If you find any of these issues please report them to me on github or email me if you don't want to be identified.

Thanks

Many of the students who have taken the course over the years are far smarter than I am. Their feedback was essential to this training.

Thanks to Yahoo for facilitating this open source release!

Licenses

This training contains snippets of code from various open source projects. They are listed here along with their license.

mms's People

Contributors

alexwlchan avatar struct avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.