People
Syllabus
Notes
Labs

CS 390S: Secure Programming

August 23: Shells, and Shell mini-lab in the ReAssure system
Week 1 (pdf)
Week 1 (powerpoint)

August 30: Shells, and mini-lab 2: back-door
Week 2 (pdf)
Week 2 (powerpoint)

September 6: Environment
Week 3 (pdf)
Week 3 (powerpoint)

September 13: Exec calls, Trust, and mini-lab 3: Taint
Week 4 (pdf)
Week 4 (powerpoint)

September 20: Buffer Overflows, and String Manipulation lab
Week 5 (pdf)
Week 5 (powerpoint)

September 27: Format String Vulnerabilities
Week 6 (pdf)
Week 6 (powerpoint)

October 4: Input Validation and SQL injection
Week 7 (pdf)
Week 7 (powerpoint)

October 11: Mid-term
Remember, taking the mid-term is mandatory for a passing grade...

October 18: Web Applications: JavaScript Injection (a.k.a. XSS, Cross-site scripting vulnerabilities)
Week 9 (pdf)
Week 9 (powerpoint)

October 25: Web Applications (cont.) & Integer Overflows
Week 10 (pdf)
Week 10 (powerpoint)


November 1: Race Conditions
Week 11 (pdf)
Week 11 (powerpoint)


November 8: File System Issues: Links, Directory Crawls, and Race Conditions
Week 12 (pdf)
Week 12 (powerpoint)

November 15: Randomness
Week 13 (pdf)
Week 13 (powerpoint)

November 22: Canonicalization and Directory Traversal Vulnerabilities

November 29: Last Exam

December 7: Solution to last exam, grades, discussions
Spring 2006 web site
Validate HTML