This module explains the difference between traditional programming practices and secure ones. We introduce the Software Development LifeCycle (SDLC), and explain how security can and must be built into each and every one of its phases.

2. Vulnerabilities (2 hours)

When does an innocent programming bug turn into a far-reaching vulnerability? This module discusses in detail the difference between functional bugs and security vulnerabilities, by defining the vulnerability classes and going into actual case studies of specific vulnerabilities that could all have been remediated with an ounce of forethought.

3. Improper file handling (2 hours)

The nooks and crannies of handling files as input:
- Temporary files - secure creation and deletion of temporary files
- Directory traversals - escaping the application's working directory to gain access to other files
- Race conditions - Time-of-Check-Time-of-Use (TOCTOU) with files
- Alternates - symbolic links, Alternate Data Streams, reserved files and other complications when creating files

4. Lost in translations (2 hours)

The painful pitfalls of mixing languages and technologies, especially in the dynamic construction of strings:
- Command injection - how insecure shell escaping leads to compromise
- Script injection - how improper output escaping leads to JavaScript injection and Cross-Site Scripting (XSS)
- SQL injection - how insecure construction of SQL strings leads to information leakage, privilege escalation, or total system compromise

5. Crypto-foibles (2 hours)

The common pitfalls of using cryptography and random numbers:
- Insecure storage - how not to store passwords and other secrets
- Insufficient randomness - why rand() and its counterparts are bad
- Maintaining sessions - how to correctly generate session identifiers, tokens, GUIDs, etc.

6. Code Injection Attacks (2 hours)

The art of code injection:
- Java/.NET - class trojaning
- C/C++ - DLL injection (Windows) and/or LD_ hooking (Unix)
- Direct code injection through input:
  - Buffer overflows
  - Format string attacks

*. Threat Modeling (Optional, 2 hours)

Recommended for designers and system architects, this module provides an introduction to threat modeling - the process of considering potential attacks in the design phase as gedanken experiments. Topics include constructing attack trees and using methodologies such as Microsoft's STRIDE and DREAD.

*. Security Testing (Optional, 2 hours)

Recommended for QA testers, this module presents security testing, and how it both differs from and complements functional testing. Topics include:
- Security testing vs. functional (QA) testing
- Crafting abuse cases
- Input malformation and permutations
- Fuzzing specifics - text, JSON, XML, and binary data