This course covers both the art and science of discovering software vulnerabilities. Beginning with the foundational techniques used to analyze both source and binary code, the course will examine current threats and discuss the actions needed to prevent attackers from taking advantage of both known and unknown vulnerabilities. The course will cover passive and active reverse engineering techniques in order to discover and categorize software vulnerabilities, create patches and workarounds to better secure the system, and describe security solutions that provide protection from an adversary attempting to exploit the vulnerabilities. Techniques covered include the use of static analysis, dynamic reverse engineering tools, and fault injection via fuzzing to better understand and improve the security of software.
Formerly 695.714 Reverse Engineering and Vulnerability Analysis.