<img alt="" src="/images/6/f/4/c/b/6f4cb81d602652bb6bbb3a7048f330b3829ba635-beaujant.png" />

{FR] Application Security 101

<p><a id=appsec></a></p> <p>This workshop will try to explain you from the very beginning the most common vulnerabilities identified in x86_32 binary applications, i.e. buffer overflow, use-after-free, format string and integer under/overflow.</p> <p>This workshop starts with the basics of what is a computer and its structure with a focus on the CPU and the memory. We will try to explain what is going on whenever the user execute an application and go through an assembly crash-course.</p> <p>Once the background theory (50%) covered, we will explain each vulnerabilities with easy hands-on examples. To goal of this workshop is not to demonstrate complex exploitation but rather giving all the necessary information to understand and exploit such vulnerabilities.</p> <p>What will this course teach you? - Understanding the structure and purpose of a CPU - Basics of assembly - Understanding and exploiting basic buffer overflow - Understanding and exploiting basic use-after-free vulnerability - Understanding and exploiting basic format string vulnerability - Understanding and exploiting basic integer overflow and underflow vulnerabilities</p> <p>What this course won’t teach you? - Reverse engineering - Coding in C or Assembly (although we will briefly cover both) - Explain, use and create fuzzers - Create you own shellcode - By-passing security measures (ASLR, NX, cannary, fortify, etc).</p> <h4>À propos de Antonin Beaujeant <a href="https://twitter.com/beaujeant">@beaujeant</a></h4>