Security for Hackers and Developers: Code Auditing

Focused View

Dr. Jared DeMott

2:02:30

12 View

01-01 - Course Overview -- Course Overview.mp4

01:37

02-01 - Exploring C Program Details Related to Security -- Introduction to the Language and Auditing.mp4

12:30

02-02 - Exploring C Program Details Related to Security -- Bug Demo and Debugging.mp4

07:22

02-03 - Exploring C Program Details Related to Security -- Variables, APIs, and Socket Programming.mp4

09:27

03-01 - Auditing C Code -- Find Security Flaws Overflows, Off-by-one, Command Injection, Design, ASCIIWide, and More.mp4

13:00

03-02 - Auditing C Code -- Review Memory Allocations Closely and Introducing Heartbleed.mp4

07:06

03-03 - Auditing C Code -- Explore the Heartbleed Vulnerability with the SCI Understand Code Auditing Tool.mp4

05:43

03-04 - Auditing C Code -- Heartbleed Post-mortem Analysis.mp4

04:39

03-05 - Auditing C Code -- Kernel and Compiler Bugs, Homework, and Summary.mp4

05:49

04-01 - Exploring C++ Program Details Related to Security -- Module Overview.mp4

01:01

04-02 - Exploring C++ Program Details Related to Security -- Demo of the Teaser Bug.mp4

06:07

04-03 - Exploring C++ Program Details Related to Security -- Quickly Teach C++.mp4

11:07

04-04 - Exploring C++ Program Details Related to Security -- Vtable Demo.mp4

03:03

04-05 - Exploring C++ Program Details Related to Security -- Race and Exception Bugs.mp4

04:00

05-01 - Auditing C++ -- Introduce Specific C++ Problems, and How to Audit.mp4

03:18

05-02 - Auditing C++ -- Class Auditing Demo.mp4

03:58

05-03 - Auditing C++ -- Introduce the Newer Bugs in Modern C++ Apps, Why They Exist, and How an Exploit Could Work.mp4

04:51

05-04 - Auditing C++ -- Deeper Look at Use-after-free.mp4

08:55

05-05 - Auditing C++ -- New in-app Protections Isolated Heap and Deferred Free.mp4

02:46

05-06 - Auditing C++ -- Deeper Look at Type Confusion and Module Summary.mp4

06:11

Description

Did you know that bugs in software costs the economy billions of dollars a year? In this course, you are going to help turn the tide as you learn how to find and fix critical bugs quicker.

What You'll Learn?

Bugs in software can be very expensive issues that can arise from not thoroughly testing and re-testing your code. In this course, Security for Hackers and Developers: Code Auditing, you will learn about manual code pentesting and all about how a professional code auditor finds bugs in code. You'll mainly be focusing on C/C++, but the high level ideas apply to all languages. By going deep into the weeds on C and C++ code, learners will appreciate the depth and experience required to audit this and any language code. First you'll learn about code auditing tools and techniques, as well has why memory corruption happens and how to prevent it. Then you'll learn all about the newer bug types such as use-after-free, type confusion, and kernel double fetch. You'll wrap up the course by learning about the real-world vulnerabilities like Heartbleed and other critical browser bugs. By the end this course, you'll know how to audit code with confidence. You'll know how to spot bugs, understand why they're important, and architect modern protections.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Penetration Testing

Network Security

Information Security

Dr. Jared DeMott

Instructor's Courses

Dr. Jared DeMott is an engineer, entrepreneur, and security leader. DeMott previously served as a vulnerability analyst with the NSA. He holds a PhD from Michigan State University. He regularly speaks on cyber matters at conferences like RSA, DerbyCon, BlackHat, ToorCon, GrrCon, HITB, etc. He was a finalist in Microsoft’s BlueHat prize contest, which helped make Microsoft customers more secure. Dr. DeMott has been on three winning Defcon capture-the-flag teams, and has been an invited lecturer at prestigious institutions such as the US Military Academy. Jared is a Pluralsight author, and is often interviewed by Media to weigh in on cyber matters.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.