Code Review II

Monday, 06 February 2023 9:00 AM - Friday, 10 February 2023 5:00 PM [AEDT]

Unit 2, 9 Beaconsfield Street, Fyshwick, ACT, 2906, Australia

Register Now

1. Select Seats

2. Review and Proceed

Registration

Student Partial Approval - $4,500.00

Sales end on 28/01/2023

Enter your discount code

  • Subtotal (excluding fees and discounts)
  • Fee
  • Total amount

Monday, 06 February 2023 9:00 AM - Friday, 10 February 2023 5:00 PM [AEDT]

InfoSect, Unit 2, 9 Beaconsfield Street, Fyshwick, ACT, 2906, Australia.

In this 5 day course, students will learn how to discover bugs and vulnerabilities in C++-based programs. This course walks students through the numerous cases of undefined and platform specific behavior specific in the C++ language. We’ll look at the various features of the C++ language, with numerous real-world examples of bugs found by the trainer. This course is partly focused on C++ vulnerability research. We will look at exploitation using STL container corruption and VTable overwrites. Moreover, we’ll look at automating bug discovery using libFuzzer and performing variant analysis with CodeQL. Finally, we will look at coding recommendations and ways to prevent, fix, and secure buggy C++ code.

Specifically, students will:

  • Review components of the C++ programming language.
  • Learn about common C++ programming bugs.
  • Learn common APIs and interfaces in systems code and OS kernels prone to implementation bugs.
  • Look at previously discovered bugs as case studies.
  • Find bugs in sample code.
  • Be given the opportunity to find bugs in current systems code.

Format:

Lectures and Labs

Time:

9am – 5pm, Monday-Friday.

What is required:

  • Nothing

What will be Provided?

  • Workstations for class use
  • Bound lecture materials
  • Access to laboratories on the "cyber range"
  • Morning Tea, Lunch, Tea & Coffee
  • InfoSect Swag & certificate of completion

Prerequisites:

Competency in C++ programming.

Courses have no more than 10 people.

A minimum of 4 registrations are required for course to run. If less than 4 registrations are received, InfoSect will be in contact about refunding or rescheduling the course.

InfoSect

Dr Silvio Cesare is the Managing Director at InfoSect. He has worked in technical roles and been involved in computer security for over 20 years. This period includes time in Silicon Valley in the USA, France, and Australia. He has worked commercially in both defensive and offensive roles within engineering. He has reported hundreds of software bugs and vulnerabilities in Operating Systems kernels. He was previously the Director for Education and Training at UNSW Canberra Cyber, ensuring quality content and delivery. In his early career, he was the scanner architect and a C developer at Qualys. He is also the co-founder of BSides Canberra - Australia’s largest cyber security conference. He has a Ph.D. from Deakin University and has published within industry and academia, is a 4-time Black Hat speaker, gone through academic research commercialisation, and authored a book (Software Similarity and Classification, published by Springer).

Contact the Organizer View other events