27 Jul 2023 Web application fuzzing (optional)
Fuzzing a Web application’s endpoints using ffuf.
Labs
The course will have (up to) eight hands-on practical sessions in the lab. In these labs, we’ll use practical tools to explore software, hosts, networks and the Web with a view to both attack and defence.
13 Jul 2023 Network security
Playing with a couple of common tools used by network defenders and attackers.
22 Jun 2023 Ransomware
An opportunity to play with practical cryptography and see how easy it is to encrypt all of a user’s files.
15 Jun 2023 sudo and passwords
An opportunity to play with root privilege and try out practical password cracking tools.
1 Jun 2023 Software exploitation
Practical exploitation of a vulnerable binary using integer arithmetic and return-oriented programming.
25 May 2023 Software (harder)
More exploration of low-level software basics: debugging in hard mode and (a very little bit of) tampering.
11 May 2023 Software (easy)
A reminder and exploration of low-level software basics: building and debugging (in "easy mode", i.e., with debugging symbols).
18 May 2022 Lab reports
A guide to my expectations for lab reports that you submit in this course.