Lecturer(s)
|
-
Malaník David, Ing. Ph.D.
|
Course content
|
Topics: 1. Introduction to reverse code analysis 2. Methods and methodologies 3. Examination environment and tools 4. Compilation processes 5. Structure of applications 6. Decompilation processes 7. Restoration of incorrectly decompiled parts of codes 8. Methods of dynamic analysis 9. Methods of static analysis 10. Searching for vulnerabilities in source codes 11. Code Tampering 12. Attacks on databases within applications 13. Reverse analysis of the application protocol 14. Output protocols of reverse analysis, systematization
|
Learning activities and teaching methods
|
Lecturing, Demonstration, E-learning
- Home preparation for classes
- 30 hours per semester
|
prerequisite |
---|
Knowledge |
---|
Basic orientation in MS Windows and Linux operating systems. Orientation in programming languages: Java, C, C ++, C # and python. |
Basic orientation in MS Windows and Linux operating systems. Orientation in programming languages: Java, C, C ++, C # and python. |
learning outcomes |
---|
Describe programming languages from the perspective of reverse analysis |
Describe programming languages from the perspective of reverse analysis |
Describe how to transform source code into executable form |
Describe how to transform source code into executable form |
Popsat problematiku podpisů (magické bajty, magická čísla) |
Popsat problematiku podpisů (magické bajty, magická čísla) |
Describe security issues related to registry manipulation |
Describe security issues related to registry manipulation |
Describe the security problems associated with using the GNU Debugger |
Describe the security problems associated with using the GNU Debugger |
After completing the course, the student will be able to understand the issues of reverse code analysis of modern applications. The course will introduce typical attack techniques faced by current software. The acquired knowledge will enable students to design and create secure applications that will be in line with world standards. |
After completing the course, the student will be able to understand the issues of reverse code analysis of modern applications. The course will introduce typical attack techniques faced by current software. The acquired knowledge will enable students to design and create secure applications that will be in line with world standards. |
Skills |
---|
Use GNU Debugger for reverse analysis |
Use GNU Debugger for reverse analysis |
Use eXamine to investigate memory |
Use eXamine to investigate memory |
Calculate values of eflags suitable for attack |
Calculate values of eflags suitable for attack |
Perform attacks aimed at jumping out of for loops |
Perform attacks aimed at jumping out of for loops |
Perform attacks aimed at jumping out of while cycles |
Perform attacks aimed at jumping out of while cycles |
teaching methods |
---|
Knowledge |
---|
E-learning |
E-learning |
Demonstration |
Demonstration |
Lecturing |
Lecturing |
assessment methods |
---|
Composite examination (Written part + oral part) |
Composite examination (Written part + oral part) |
Recommended literature
|
-
DANG, Bruce, Alexandre. GAZET, Elias. BACHAALANY a Sébastien. JOSSE. Practical reverse engineering: x86, x64, ARM, Windows Kernel, reversing tools, and obfuscation. Indianapolis. First edition. Indiana: Wiley, 2014. ISBN 9781118787311.
-
KADAVY, David. Design for hackers: reverse-engineering beauty. First edition. West Sussex, UK: John Wiley, 2011. ISBN 9781119998952.
-
RAO KOTIPALLI, Srinivasa a Mohammed A. IMRAN. Hacking Android. First edition.. Birmingham: Packt Publishing, 2016. ISBN 9781785883149.
-
Velu Vijay Kumar. Mobile application penetration testing. First edition. Birmingham: Packt Publishing, 2016. ISBN 9781785883378.
-
VERMA, Prashant a Akshay DIXIT. Mobile Device Exploitation Cookbook. First edition. Birmingham: Packt Publishing, 2016. ISBN 9781783558728.
|