Open study group: Practical InsecuritIes - SS 2007

In weekly meetings we are approaching computer insecurities from the practical side.

Note: This is neither a lecture nor a seminar. There won't be an instructor. All participants are expected to work together to gain the desired knowledge. And BYOL (Bring your own laptop).

The addressed topics may include:

• C Security (Buffer Overflows, Format String Exploits, Heap Overflows, Integer Manipulation)
• Web Application Insecurities (SQL Injection, XSS, Remote Command Execution)
• Examination of recent / interesting vulnerabilities and exploits

Requirements:

• Basic/advanced programming skills (e.g. C(++), JavaScript,.)
• For C Insecurities: Knowledge on basic OS functionality, CPU instruction sets and memory management
• For Web-Security: Clear understanding how web-applications work
• A laptop with a C compiler and a web browser

Time: Monday 17:00 - 19:00
Location: F 630

If you want to participate please write an email to
Martin Johns

Most Presentations are made available for download in PDF format, to view them you need the Acrobat Reader version 5 or higher.