#KEA/Softwaresikkerhed
Softwaresikkerhed er en del af KEAs Diplomuddannelse i [[Diplom i IT-sikkerhed]].
[[Kursusgang 0]] - Welcome, goals and expectations Prepare Virtual Machines - bring laptop
Create a good starting point for learning Introduce lecturer and students Concrete Expectations Prepare tools for the exercises
[[Kursusgang 1]] - Lab setup and Programming Knowledge
Do some initial programming
[[Kursusgang 3]] - Initial Overview of Software Security
Get an overview of the subject
[[Kursusgang 4]] - SDLC and risk ranking
[[Kursusgang 5]] - Web Application Security: Recon
[[Kursusgang 6]] - Web Application Security: Recon and Offensive
[[Kursusgang 7]] - Hacking Web Applications: Offensive
[[Kursusgang 8]] - Software Programming & Memory Corruption
[[Kursusgang 9]] - Program Building blocks and exploitation
[[Kursusgang 10]] - Strings and Pointers
[[Kursusgang 11]] - Network Attacks Intro
[[Kursusgang 12]] - Fuzzing intro
[[Kursusgang 13]] - Security Design and Defense
[[Kursusgang 14]] - General questions and summary
We will do a practice exam and talk about exam subjects.
The module is centered around software security including software quality, software flaws, vulnerabilities, software APIs, error handling and software architecture.
Teaching material will primarily be English, but the teaching will be in Danish.
See more about the course in the official curriculum which can be downloaded from the main page https://kompetence.kea.dk/uddannelser/it-digitalt/diplom-i-it-sikkerhed
- near the top "Download studieordningen".
Date 26/10 2021
-
Lecture lessons
-
Group exercises and cases, including practical exercises with laptop
31/8, 2/9, 7/9, 9/9, 14/9, 16/9, 21/9, 23/9, 28/9, 30/10, 5/10, 7/10, 12/10, 14/10
Make sure to mark dates in your calendar - some weeks will have lessons tuesday/thursdays.
Since we are going to be doing exercises, each team will need two virtual machines.
The following are two recommended models:
-
One based on Debian, running software servers and web applications
-
One based on Kali Linux, running attacks against software
Read more about these at https://github.com/kramse/kramse-labs
This course uses three books and a number of supporting resources.
Primary literature:
-
The Art of Software Security Testing Identifying Software Security Flaws,
Chris Wysopal, 2006, ISBN: 9780321304865, named AoST or the Green Book
-
Web Application Security, Andrew Hoffman, 2020, ISBN: 9781492053118 called WAS below
-
Hacking, 2nd Edition: The Art of Exploitation, Jon Erickson, February 2008, ISBN-13: 9781593271442, called just hacking below
It is recommended to buy the Pwning OWASP Juice Shop Official companion guide to the OWASP Juice Shop.
From https://leanpub.com/juice-shop - suggested price USD 5.99
It is recommended to buy these books listed above.
-
24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them, Michael Howard, David LeBlanc, John Viega, ISBN: 9780071626750, 2010 The McGraw-Hill Companies, named 24-deadly below
Additional software security problems, listed language agnostically and with small examples. Highly recommended for programmers.
-
Linux Basics for Hackers Getting Started with Networking, Scripting, and Security in Kali by OccupyTheWeb, December 2018, 248 pp. ISBN-13: 978-1-59327-855-7 - shortened LBfH
This book introduces the Linux operating system commands, using Kali Linux as example. The tools presented include a lot of generic Unix tools. If you have no experience with Linux or Unix it is recommended to buy this book.
-
Kali Linux Revealed Mastering the Penetration Testing Distribution https://www.kali.org/download-kali-linux-revealed-book/ - shortened KLR
We will also use the OWASP Juice Shop Tool Project as a running example. This is an application which is modern AND designed to have security flaws.
Read more about this project at https://www.owasp.org/index.php/OWASP_Juice_Shop_Project and https://github.com/bkimminich/juice-shop
Also the course will use internet links and pages. These can be downloaded from the internet often for free and may be gathered by the instructor for easy download.
-
Wikipedia article about Privacy by Design
-
This in danish summarizing the implications of General Data Protection Regulation (GDPR)
https://www.dubex.dk/aktuelt/nyheder/det-skal-du-vide-om-privacy-by-design-ny-vejledning
-
Article recommends doing Privacy Impact Assessment (PIA) https://itb.dk/persondataforordningen/privacy-by-design-default/
-
ENISA, EU security office, reports about Privacy by Design Privacy and Data Protection by Design and
-
Smashing The Stack For Fun And Profit, Aleph One
-
Bypassing non-executable-stack during exploitation using return-to-libc
by c0ntex.
-
Basic Integer Overflows by blexim.
-
Return-Oriented Programming:Systems, Languages, and Applications
Ryan Roemer, Erik Buchanan, Hovav Shacam and Stefan Savage University of California, San Diego
-
MITRE ATT&CK a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations, read the ATT&CK 101 Blog Post
-
Secure Programming for Linux and Unix HOWTO), David Wheeler.
-
Setuid demystified by Hao Chen, David Wagner, and Drew Dean.
-
Removing ROP Gadgets from OpenBSD Todd Mortimer [email protected]
-
TCP Synfloods - an old yet current problem, and improving pf's response to it
Henning Brauer, BSDCan 2017
-
Bug Attacks on RSA, by Eli Biham, Yaniv Carmeli, and Adi Shamir.
-
Using Memory Errors to Attack a Virtual Machine by Sudhakar Govindavajhala and Andrew
Appel
-
Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, Onur Mutlu, see also [Explo
iting the DRAM rowhammer bug to gain kernel privileges](https://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html)
-
A Graduate Course in Applied Cryptography By Dan Boneh and Victor Shoup https://toc.cryptobook.us/
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent