Material to be covered...

Ethical disclosure, legal issues, and University policy

Readings: UNM Policy 2500 and UNM Policy 2520

Vulnerability studies, what is the nature of a vulnerability?

Readings: Daniela's and my NSPW paper, weird machines, Once upon a free(), Advanced Doug Lea's malloc exploits

Different media for vulnerabilities/exploits

Readings: Idle scans, SQL injection, buffer overflows, Gray Hat chapter on Windows DACLs, physical frame injection, cache timing channels, X.509 attacks, man-in-the-middle attacks, Ptacek and Newsham, format strings, Zalewski on draining the entropy pool, weak keys, voting machine security, car security

Finding vulnerabilities

Readings: Fuzz testing, EXE: Automatically generating inputs of death, Static detection of cross-site scripting vulnerabilities

Advanced evasion techniques

Readings: Return-oriented programming, English shellcode