CSC 748 – Software Exploitation
The Art of Software Security Assessment (2 Volumes)
Mark Dowd, John McDonald, Justin Schuh 978-0-321-44442-4
- 1 – Software Security Fundamentals
- 2 – Design Review
- 5 – Memory Corruption
- 6 – C Language Issues
- 8 – Strings & Metacharacters
- 11 – Windows I: Objects and the File System
- 17 – Web Applications
Inside Windows Debugging
Tarik Soulami 978-0735662780
- 6 – Code Analysis Tools
Understanding Windows Shellcode
- http://www.hick.org/code/skape/papers/win32-shellcode.pdf
The Shellcoder’s Handbook
Chris Anley 978-0470080238
- 2 – Stack Overflows
- 3 – Shellcode
- 5 – Introduction to Heap Overflows
- 7 – Windows Shellcode
- 8 – Windows Overflows
- 9 – Overcoming Filters
- 14 – Protection Mechanisms
- 16 – Fault Injection
- 17 – The Art of Fuzzing
- 18 – Source Code Auditing
INFA 732 – Malware Analysis
Practical Malware Analysis
Mike Sikorski ISBN-13: 978-1593272906
- 0 – Malware Analysis Primer
- 1 – Basic Static Techniques
- 2 – Malware Analysis in Virtual Machines
- 3 – Basic Dynamic Analysis
- 4 – A Crash Course in x86 Disassembly
- 5 – IDA Pro
- 6 – Recognizing C Code Constructs in Assembly
- 7 – Analyzing Malicious Windows Programs
- 8 – Debugging
- 11 – Malware Behavior
- 13 – Data Encoding
- 14 – Malware Focused Network Signatures
- 18 – Packers and Unpacking
- 19 – Shellcode Analysis
INFA 754 – Intrusion Detection
- Psychology of Intelligence Analysis by Richards Heuer
- Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains by Eric Hutchins, et al
- The Diamond Model of Intrusion Analysis by Sergio Caltagirone, et al
- MITRE ATT&CK: Design and Philosophy by Blake Strom, et al
- A Brief History of Attribution Mistakes by Sarah Jones
- Threat Intelligence Naming Conventions: Threat Actors, & Other Ways of Tracking Threats by Robert M. Lee
- Does a BEAR Leak in the Woods? by Toni Gidwani
- Cyber Intelligence Tradecraft Report – The State of Cyber Intelligence Practices in the US by Jared Ettinger
- The Cuckoo’s Egg by Cliff Stoll
CSC 844 – Advanced Reverse Engineering
Gray Hat Hacking – Fifth Edition
Allen Harper, et al
ISBN: 978-1-260-10841-5
- 1 – Why Gray Hat Hacking? Ethics and Law
- 2 – Programming Survival Skills
- 4 – Next-Generation Reverse Engineering
- 6 – So You Want To Be a Pentester?
- 7 – Red Teaming Operations
- 9 – Bug Bounty Programs
- 10 – Getting Shells Without Exploits
- 11 – Basic Linux Exploits
- 12 – Advanced Linux Exploits
- 13 – Windows Exploits
- 14 – Advanced Windows Exploitation
- 16 – Next-Generation Web Application Exploitation
- 17 – Next-Generation Patch Exploitation
- 22 – Internet of Things to Be Hacked
- 23 – Dissecting Embedded Devices
- 24 – Exploiting Embedded Devices
- 25 – Fighting IOT Malware
CSC 846 – Advanced Malware
Windows Internals – Part 1
Mark Russinovich, et al 978-0-7356-4873-9
- 4 – Management Mechanisms
The IDA Pro Book
Chris Eagle 978-1-59327-289-0
- 21 – Obfuscated Code Analysis
Understanding Windows Shellcode
- http://www.hick.org/code/skape/papers/win32-shellcode.pdf
CSC 848 – Advanced Exploit
Windows Internals – Part 1
Mark Russinovich, et al 978-0-7356-4873-9
- 5 – Processes, Threads and Jobs
The IDA Pro Book
Chris Eagle 978-1-59327-289-0
- 22 – Vulnerability Analysis
The Shellcoder’s Handbook
Chris Anley 978-0470080238
- 2 – Stack Overflows
- 3 – Shellcode
- 5 – Introduction to Heap Overflows
- 7 – Windows Shellcode
- 8 – Windows Overflows
- 9 – Overcoming Filters
- 14 – Protection Mechanisms
- 27 – Hacking the Windows Kernel
Windows Internals – Part 2
Mark Russinovich, et al
- 8 – I/O System
- 10 – Memory Management
- 14 – Crash Dump Analysis
Understanding Windows Shellcode
- http://www.hick.org/code/skape/papers/win32-shellcode.pdf