This lesson is still being designed and assembled (Pre-Alpha version)

Secure Coding

This lesson will walk you through some simple examples of insecure or buggy code that have led to major cybersecurity vulnerabilities. We will start with SQL Injection attacks that exploit insecure database client code, followed by the infamous Heartbleed attack that exploited buggy OpenSSL library code.

Prerequisites

Create an account on CHEESEHub

Schedule

       Setup
           Download files required for the lesson
00:00  1. Introduction
           What is secure coding?
           What are some types of attacks that exploit code vulnerabilities?
           What are the broader impacts of insecure code?
00:10  2. SQL Injection Attack
           What is SQL Injection?
           What causes this vulnerability?
           What are the broader impacts of SQL Injection attacks?
           How can code be secured against SQL Injection attacks?
00:50  3. Heartbleed Attack
           What is the Heartbleed bug?
           What caused this vulnerability?
           What are the broader impacts of the Heartbleed bug?
           How can code be secured against bugs like Heartbleed?
01:30  4. Format String Vulnerability
           What is the format string vulnerability?
           Why is it dangerous?
           What are some uses for it?
05:30  5. Return-to-libc Attack
           What is the return-to-libc attack?
           Why is it dangerous?
           What can you do to prevent this attack on your system?
09:50  Finish

The actual schedule may vary slightly depending on the topics and exercises chosen by the instructor.