Search

Introduction to Software Exploitation

Don't hunt for vulnerabilities! Deploy mitigation techniques that make your embedded software more robust even when a coding mistake happens. We cover the basics of memory corruption issues, specifics of embedded device and kernel exploitation as well as common mitigation techniques and the different approaches to bypass them. We additionally touch upon less common mitigation techniques that try to address these shortcomings.

Duration: 2 days | Type: Classroom/Hands-on exercises | Available on request

Upcoming course: March 21-22, learn more and sign up

Who is this training for?

This course is intended for application developers system designers who want to understand how software is exploited, how to mitigate attacks and prioritize security fixes. The course is equally interesting for security analysts who want to understand software exploitation to assess the impact of vulnerabilities or perform penetration testing.

It is recommended that you have a good understanding of operating systems and computer architecture concepts, including:

  • Privilege levels
  • Kernel/user-space separation
  • Executable formats and dynamic loading, etc.
  • Good understanding of C/C++ programming and secure coding principles
  • Basic understanding of ARM architecture and ARM assembly

Learning Objectives

In this course we look at typical mitigation techniques which make software exploitation more difficult. We cover the basics of memory corruption issues, specifics of embedded device and kernel exploitation as well as common mitigation techniques and the different approaches to bypass them. We additionally touch upon less common mitigation techniques that try to address these shortcomings.

Key learning objectives:

  • Exploit stack corruption and other vulnerabilities
  • Apply common mitigation techniques, including stack cookies, ASLR and XN
  • Successfully bypass the most common mitigation techniques
  • Understand state-of-the-art countermeasures against software exploitation, such as Control Flow Integrity and related techniques

Interested? View the upcoming courses or get in touch with us

Please click here to access our e-learning platform where you will be able to view the upcoming dates for this training. Once you have your plans defined, there you can also register and purchase your seat right away. If you have questions or would like to discuss a special training program for your company, please contact us at trainingacademy@riscure.com.

By continuing to browse this website, you agree to the use of cookies and data processing according to our privacy statement. Close