Error message

User warning: The following module has moved within the file system: ldap_user. In order to fix this, clear caches or put the module back in its original location. For more information, see the documentation page. in _drupal_trigger_error_with_delayed_logging() (line 1181 of /usr/local/stow/drupal-7.91/lib/drupal-7.91/includes/bootstrap.inc).

Instructions

Preparation

All participants (including those not yet formally registered):

  1. Fill the course questionnaire
  2. Subscribe to the course mailing list
  3. To submit exercises and send personal questions, use the course staff's email address.
  4. For public questions and discussions, use the course forum

Virtual machine

In this course we will be running exercises in a virtual machine.

  1. Oracle VirtualBox virtual machine manager: the software is free and available for download here. It is installed in the CS computer labs.
  2. Download the virtual machine image (1.7GB)  used in the exercises. (md5sum: 07bba01a387b5e84aba3f3fd572a3393)

Exercise submission

The best 75% of exercises will be used to calculate your grade.
Exercises should be submitted to infosec13.course@gmail.com weekly. 
Please use the following format for the email subject: "[INFOSEC13] Exercise #[EXERCISE NO.] - [NAME], ID: [ID]".
i.e.: "[INFOSEC13] Exercise #11 - John Smith, ID: 313371337".
Please attach only the files which are relelvant to the result in an easy to understand directory tree, which should be packed in a 7zip file (submit a single file). See an example submission here.
How to create a 7zip archive in linux: use the command "7za a ex_[EXERCISE NO.]_
[ID#]_[FIRST_NAME]_[LAST_NAME]_.7z [DIRECTORY TO PACK]".

i.e.: "7za a ex_11_055555559_Moshe_Cohen.7z solution_to_ex_11/".


Textbooks

There is no single textbook for this course. The following books contains significant relevant material. Additional resources will be provided during the lectures and recitations.

General:

  • Ross Anderson
    Security Engineering (2nd Ed.)
    [online]

Reverse engineering:

  • Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte
    The Shellcoder's Handbook: Discovering and Exploiting Security Holes (2nd Ed.)
    [online]
  • Eldad Eilam
    Reversing: Secrets of Reverse Engineering
    [books24x7]
  • Michael Sikorski and Andrew Honig
    Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
    [books24x7]
  • Mark Dowd, John McDonald, Justin Schuh
    The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities

Similar courses

Stanford University course CS155 has excellent slides and reading materiel, some of which is reused in our course.