NYU Poly ISIS Lab's Hack Night

Week 1: Introduction

This is the introduction session to the Hack Night curriculum. It gives an overview of the sessions that follow and, more importantly, the ethics you need to keep in mind when you learn something as powerful as what you are about to learn. Next, we will cover the various types of vulnerability disclosure that hackers have followed since the beginning of the field.

Before diving into the Hack Night semester, we recommend you take a look at the resources below and become familiar with some of the material.

Lecture Materials

  1. Trends in Vulnerability Disclosure
  2. Introduction to Vulnerability Analysis

Resources

  1. PicoCTF Resources
  2. CyFor
  3. The Hardware/Software Interface

Week 2: Code Auditing

This session covers code auditing: the process of analyzing application code (in source or binary form) to uncover vulnerabilities that attackers might exploit. By going through this process, you can identify and close security holes that would otherwise put sensitive data and business resources at unnecessary risk. Topics covered are identifying architectural, implementation and operational vulnerabilities.

Lecture Materials

  1. Design & Operational Reviews [slides]
  2. Code Auditing 101 [slides]
  3. Code Auditing 102 [slides]

Resources

  1. Source Code Analysis
  2. Application Security
  3. The Art of Software Security Assessment
  4. Integer Overflows
  5. Catching Integer Overflows
  6. The Fortify Taxonomy of Software Security Flaws
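The integer-overflow resources above point at the bug class an auditor most often finds in length handling. As an added example (not course material), here is a constructed C packet parser, with the hypothetical wire format and function names assumed for illustration, showing two length checks that let hostile values through (an unsigned sum that wraps, and a signed length that goes negative) next to the hardened forms that compare against the bound without doing arithmetic on attacker-controlled input.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed wire format for the example: a 4-byte little-endian payload
   length, then the payload. Header and payload are copied into a fixed buffer. */
#define HDR_LEN  4u
#define BUF_SIZE 64u

static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* VULNERABLE check (pattern 1): the addition is done in 32 bits and wraps, so
   len = 0xFFFFFFFE gives total = 2, which passes the comparison. */
int length_ok_vuln(uint32_t len) {
    uint32_t total = len + HDR_LEN;
    return total <= BUF_SIZE;
}

/* FIXED: subtract from the bound instead of adding to the input. BUF_SIZE and
   HDR_LEN are constants with BUF_SIZE > HDR_LEN, so nothing here can wrap. */
int length_ok_fixed(uint32_t len) {
    return len <= BUF_SIZE - HDR_LEN;
}

/* VULNERABLE check (pattern 2): a signed length compared against a signed
   bound. A negative len passes, then becomes ~4 GB when converted to size_t. */
int signed_length_ok_vuln(int32_t len) {
    return len <= (int32_t)BUF_SIZE;
}

int signed_length_ok_fixed(int32_t len) {
    return len >= 0 && (uint32_t)len <= BUF_SIZE - HDR_LEN;
}

/* The bug as an auditor meets it in context: the wrapped sum passes the check
   and the raw len reaches memcpy. Well-defined only for honest packets; kept
   here to show the shape, never to be run on untrusted input. */
int copy_packet_vuln(const uint8_t *pkt, size_t pkt_len, uint8_t buf[BUF_SIZE]) {
    if (pkt_len < HDR_LEN) return -1;
    uint32_t len = rd_le32(pkt);
    if (!length_ok_vuln(len)) return -1;
    memcpy(buf, pkt, HDR_LEN);
    memcpy(buf + HDR_LEN, pkt + HDR_LEN, len);   /* len may still be 0xFFFFFFFE */
    return (int)len;
}

/* Hardened version: the declared length is checked against the destination
   and against the bytes actually received, with no arithmetic on the input. */
int copy_packet_fixed(const uint8_t *pkt, size_t pkt_len, uint8_t buf[BUF_SIZE]) {
    if (pkt_len < HDR_LEN) return -1;
    uint32_t len = rd_le32(pkt);
    if (!length_ok_fixed(len)) return -1;        /* fits in buf */
    if (len > pkt_len - HDR_LEN) return -1;       /* actually present in pkt */
    memcpy(buf, pkt, HDR_LEN);
    memcpy(buf + HDR_LEN, pkt + HDR_LEN, len);
    return (int)len;
}

/* Constructed test packets. */
static const uint8_t honest_pkt[] = { 0x03, 0x00, 0x00, 0x00, 'a', 'b', 'c' };  /* says 3, has 3 */
static const uint8_t short_pkt[]  = { 0x03, 0x00, 0x00, 0x00, 'a', 'b' };       /* says 3, has 2 */
static const uint8_t lying_pkt[]  = { 0x64, 0x00, 0x00, 0x00, 'a' };            /* says 100 */
static const uint8_t wrap_pkt[]   = { 0xfe, 0xff, 0xff, 0xff };                 /* says 0xFFFFFFFE */
static uint8_t g_buf[BUF_SIZE];

int main(void) {
    uint32_t hostile = rd_le32(wrap_pkt);
    printf("len=0x%08x  vuln check: %s  fixed check: %s\n", hostile,
           length_ok_vuln(hostile) ? "ACCEPT" : "reject",
           length_ok_fixed(hostile) ? "ACCEPT" : "reject");
    printf("len=-1      vuln check: %s  fixed check: %s\n",
           signed_length_ok_vuln(-1) ? "ACCEPT" : "reject",
           signed_length_ok_fixed(-1) ? "ACCEPT" : "reject");
    printf("honest packet, fixed copy: %d payload bytes\n",
           copy_packet_fixed(honest_pkt, sizeof honest_pkt, g_buf));
    printf("short packet,  fixed copy: %d\n",
           copy_packet_fixed(short_pkt, sizeof short_pkt, g_buf));
    return 0;
}
```

When auditing, look for every place a length, count or offset taken from input is added to something before being compared; the fixed checks above move the arithmetic onto the constant side so that no wrap is possible, and they check the declared length against the bytes actually received as well as against the destination.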

Week 3: Code Auditing Workshop

This is a workshop session: we will present you with some applications that are intentionally vulnerable. Your job is to audit the source code and find the vulnerabilities in them, using the skills you learned last week to work efficiently through the process of auditing an application.

Workshop Materials

  1. Client Request Access Protocol. We believe this protocol to be severely flawed and require your assistance in identifying vulnerabilities in it. Your objective is to identify and informally describe as many of these issues as you can.
  2. News Paper [Simple Usage](http://pentest.cryptocity.net/files/code_analysis/fall2011_install.sh) This network service simulates a text-based terminal application. Its general purpose is to act as a "news server" or text file service. There are two types of users: regular and administrator. Administrators can add users and execute back-end system commands. Users can view and contribute articles (i.e. text files). Assume the application runs on Linux and is compiled with gcc.
  3. Siberia Crimeware Pack (Password: infected) The Siberia kit contains live exploit code and will likely set off AV; however, none of the exploit code is in a state where it would be harmful to your computer. All of the vulnerabilities it targets were patched years ago, and the exploits in Siberia need to be interpreted by PHP and read by your browser to have any effect. You can safely disable or create exceptions in your AV for this exercise, or place the Siberia files inside a VM.

Tools

  1. Source Navigator
  2. Scitools Understand
  3. List of tools for static code analysis

Week 4: Web Hacking

This session covers web hacking: getting familiar with the vulnerabilities commonly found in web applications, so that you can identify and exploit them. Topics covered are a web application primer, vulnerabilities commonly found in web apps (the OWASP Top 10), and basic web testing methodologies.

Lecture Materials

  1. Web Hacking 101 [slides]
  2. Web Hacking 102 [slides]

Resources

  1. Web Security
  2. The Tangled Web
  3. OWASP Top 10
  4. OWASP Top 10 Tools and Tactics

Week 5: Web Hacking Workshop

In this session, we will use some intentionally vulnerable web applications to identify and analyze the ten vulnerabilities most commonly found in web applications. You will go through the steps of busticating a real site and throwing a fire sale using freely available tools.

Workshop Materials

  1. Google Gruyere
  2. OWASP WebGoat
  3. Damn Vulnerable Web Application

Week 6: Reverse Engineering

This session is about reverse engineering. Most of the software we use every day is closed source: you do not have the liberty of looking at the source code, so you have to analyze the compiled binary that is available. Reversing a binary is no easy task, but it can be done with the proper methodology and the right tools. This is exactly what two of the world's best reversers are going to teach you.

Lecture Videos

  1. Reverse Engineering 101
  2. Reverse Engineering 102 [slides]
  3. Dynamic Reverse Engineering [slides]

Resources

  1. Reverse Engineering
  2. Application Security

Week 7: Reverse Engineering Workshop

Picking up from the previous session, we will present you with an application for which there is no source code. Your job is to understand what the application does and find any vulnerabilities in it. You'll use tools like IDA, which Alex Sotirov demonstrated in the last lecture, to analyze the binary and get a complete understanding of the application.

Workshop Materials

  1. Challenge Application
  2. IDA Demo
  3. VMWare player

Resources

  1. x86 Win32 Reverse Engineering Cheatsheet
  2. IDA Pro Shortcuts

Week 8: Introduction to x86

In this session we will cover x86: Architecture, Assembly, Applications & Alliteration. Intel processors have been a major force in personal computing for more than 30 years. An understanding of low level computing mechanisms used in Intel chips as taught in this course serves as a foundation upon which to better understand other hardware, as well as many technical specialties such as reverse engineering, compiler design, operating system design, code optimization, and vulnerability exploitation. 50% of the time will be spent learning Windows/Linux tools and analysis of simple programs.

Lecture Materials

  1. Introductory Intel x86 Day 1
  2. Introductory Intel x86 Day 2

Resources

  1. All Materials for Introductory Intel x86
  2. Reverse Engineering

Week 9: x86 Split-Workshop

Picking up from last week's session, we will continue to explore the world of x86. This is a workshop where we will write programs at the assembly level. Once we are familiar with basic x86 instructions, we will switch to analyzing a real application and try to get a high-level understanding of what it does. The goal is to become familiar with calling conventions, the stack and stack frames.

Workshop Materials

  1. CMU Bomb Lab (Linux/IA32 binary)

Week 10: Exploiting Memory Corruption

In this week's session, we will go over some advanced concepts related to computer security. Dino Dai Zovi will cover the various memory errors an application can make, which often lead to catastrophic results. Topics covered are memory errors such as buffer overflows, uninitialized variables and use-after-free, and how we can use them to take control of an application. We will also look at the exploit mitigations your current OS implements (it's not 1988 anymore). Finally, we will look at some techniques for bypassing those mitigations.

Lecture Materials

  1. Memory Corruption 101 [slides]

Resources

  1. Exploitation

Week 11: Exploiting Memory Corruption Workshop

Picking up from the last session, we will do a live exploitation of a vulnerable program. We will go through all the steps that Dino explained in his lecture to write a control-flow hijacking exploit and take over the program. Once we are done with 1990s-style exploitation, we will recompile the program with modern mitigation technologies and look at the various techniques used to bypass those mitigations.

Workshop Materials

  1. Vulnerable Application
  2. VMWare Player
  3. Linux Machine (preferably, Ubuntu)
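As an added example for the lecture's buffer-overflow topic and the workshop's recompile-with-mitigations step (this is not the workshop's vulnerable application linked above), the constructed C program below keeps a fixed-size name buffer next to a privilege flag, copies attacker-supplied bytes into it with no bound check, and shows the flag flipping. The record layout, the function names and the payload are assumptions for illustration. The bounds-checked version beside it refuses the oversized input.

```c
#include <stdio.h>
#include <string.h>

/* Constructed record: a fixed-size name followed by a privilege flag. The
   flag sits right after the buffer, which is what makes the overflow useful. */
struct session {
    char name[16];
    int  is_admin;
};

/* VULNERABLE: copies however many bytes the caller says, so len > 16 writes
   past name[] into is_admin (and, with a longer input, past the struct). */
void set_name_vuln(struct session *s, const char *src, size_t len) {
    memcpy(s->name, src, len);
}

/* FIXED: refuses anything that does not fit, leaving room for the NUL. */
int set_name_safe(struct session *s, const char *src, size_t len) {
    if (len >= sizeof s->name) return -1;
    memcpy(s->name, src, len);
    s->name[len] = '\0';
    return 0;
}

/* Builds a fresh session from untrusted input with the vulnerable copy and
   returns the resulting privilege flag. Well-defined only for len <= 16. */
int session_privilege_vuln(const char *src, size_t len) {
    struct session s;
    memset(&s, 0, sizeof s);
    set_name_vuln(&s, src, len);
    return s.is_admin;
}

/* Same, with the hardened copy; returns -1 when the name is rejected. */
int session_privilege_safe(const char *src, size_t len) {
    struct session s;
    memset(&s, 0, sizeof s);
    if (set_name_safe(&s, src, len) != 0) return -1;
    return s.is_admin;
}

/* Attacker-controlled input, constructed for the example: 16 filler bytes
   fill name[], the next 4 land on is_admin (value 1 on little-endian). */
static const char payload[20] = "AAAAAAAAAAAAAAAA\x01\x00\x00\x00";
static volatile size_t payload_len = 20;   /* volatile so the compiler cannot fold it */

int main(void) {
    printf("vuln: is_admin = %d\n", session_privilege_vuln(payload, payload_len));
    printf("safe: result   = %d (-1 means rejected)\n",
           session_privilege_safe(payload, payload_len));
    printf("safe: \"bob\" -> is_admin = %d\n", session_privilege_safe("bob", 3));
    return 0;
}
```

Build with `gcc -O0` to watch the flag flip. On distributions whose gcc turns on `_FORTIFY_SOURCE` by default when optimization is enabled (Ubuntu does), the vulnerable copy aborts with `*** buffer overflow detected ***` instead, because the destination size is known at compile time; that abort is one of the mitigations the lecture covers. A stack canary would not catch this write, since it stays inside the struct and never reaches the saved return address, which is why the real fix is the bound check and not the mitigation.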

More Challenges

  1. Gera's Insecure Programming by Example
  2. Exploit-Exercises

Week 12: Post-Exploitation

This week we cover post-exploitation: the stage in the intrusion kill chain in which the attacker, having compromised the victim's system, uses persistence techniques to maintain a presence on the machine. The attacker also wants that presence to stay hidden, which includes evading antivirus software, covering their tracks, and so on. We will look at the various techniques attackers use to achieve these goals.

Lecture Material

  1. Post Exploitation

Resources

  1. Symantec Stuxnet Dossier
  2. Useful References

Week 13: Fuzzing

This is the last session of Hack Night. We will go over fuzzing and then have a short discussion of what you can do to continue improving your skills. Fuzzing is a black-box software testing technique that finds implementation bugs by automatically manipulating the input data sent to an application. We will go over the different types of fuzzing, the various methods used for fuzzing, and finally the process of "smart" fuzzing.

Lecture Material

  1. Fuzzing

Resources

  1. Fuzzing
  2. Useful References
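As an added example, not the course's own fuzzer, here is a constructed mutational fuzzer in C: a tiny length-prefixed message parser with a planted bug that trusts its length byte, a fixed version beside it, and a loop that starts from a valid seed, applies random bit flips, byte overwrites, truncations and extensions, and stops at the first out-of-bounds read. The message format, the bug and the function names are assumptions for illustration. Every read goes through an accessor that records an out-of-bounds index instead of dereferencing it, which stands in for the crash or sanitizer report a real fuzzer watches for.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef int (*parser_fn)(const uint8_t *, size_t);

/* Every read of the input goes through rd(); an index past the end is recorded
   instead of dereferenced, so the harness sees the bug without crashing. */
static int g_oob;
static uint8_t rd(const uint8_t *b, size_t n, size_t i) {
    if (i >= n) { g_oob = 1; return 0; }
    return b[i];
}

/* Constructed message format: [type][len][len payload bytes][xor checksum]. */
static int parse_vuln(const uint8_t *b, size_t n) {
    if (n < 3) return -1;
    uint8_t type = rd(b, n, 0), len = rd(b, n, 1);
    if (type != 1 && type != 2) return -1;
    /* Planted bug: len is trusted, so the loop and the checksum read past n. */
    uint8_t sum = 0;
    for (size_t i = 0; i < len; i++) sum ^= rd(b, n, 2 + i);
    return sum == rd(b, n, 2 + len) ? 0 : -1;
}

static int parse_fixed(const uint8_t *b, size_t n) {
    if (n < 3) return -1;
    uint8_t type = rd(b, n, 0), len = rd(b, n, 1);
    if (type != 1 && type != 2) return -1;
    if ((size_t)len + 3 > n) return -1;     /* header + payload + checksum must fit */
    uint8_t sum = 0;
    for (size_t i = 0; i < len; i++) sum ^= rd(b, n, 2 + i);
    return sum == rd(b, n, 2 + len) ? 0 : -1;
}

/* Runs one parser on one input and reports whether it read out of bounds. */
static int triggers_oob(parser_fn p, const uint8_t *b, size_t n) {
    g_oob = 0;
    p(b, n);
    return g_oob;
}

/* Small deterministic PRNG (LCG) so runs are reproducible. */
static uint32_t g_rng = 0x2545F491u;
static uint32_t rnd(void) { g_rng = g_rng * 1664525u + 1013904223u; return g_rng >> 8; }

/* One random mutation: bit flip, byte overwrite, truncate, or extend. */
static size_t mutate(uint8_t *b, size_t n, size_t cap) {
    switch (rnd() % 4) {
    case 0:  b[rnd() % n] ^= (uint8_t)(1u << (rnd() % 8)); break;
    case 1:  b[rnd() % n] = (uint8_t)rnd(); break;
    case 2:  if (n > 1) n--; break;
    default: if (n < cap) b[n++] = (uint8_t)rnd(); break;
    }
    return n;
}

#define MAX_INPUT 64

/* Mutational fuzz loop: start from a valid seed, apply 1-3 mutations, run the
   parser, stop at the first out-of-bounds read. Returns the iteration number
   of the crasher (copied into out/out_len) or -1 if none was found. */
static long fuzz(parser_fn p, const uint8_t *seed, size_t seed_len, long iters,
                 uint8_t *out, size_t *out_len) {
    uint8_t cur[MAX_INPUT];
    if (seed_len == 0 || seed_len > MAX_INPUT) return -1;
    for (long it = 0; it < iters; it++) {
        size_t n = seed_len;
        memcpy(cur, seed, seed_len);
        uint32_t steps = 1 + rnd() % 3;
        for (uint32_t s = 0; s < steps; s++) n = mutate(cur, n, MAX_INPUT);
        if (triggers_oob(p, cur, n)) {
            memcpy(out, cur, n);
            *out_len = n;
            return it;
        }
    }
    return -1;
}

/* Constructed seed: type 1, payload "abc", checksum 'a'^'b'^'c' = 0x60. */
static const uint8_t seed_msg[] = { 0x01, 0x03, 'a', 'b', 'c', 0x60 };

/* 1 if fuzzing p from the seed finds an input that makes it read out of bounds. */
static int fuzz_finds_oob(parser_fn p, long iters) {
    uint8_t out[MAX_INPUT]; size_t n = 0;
    return fuzz(p, seed_msg, sizeof seed_msg, iters, out, &n) >= 0 && triggers_oob(p, out, n);
}

int main(void) {
    uint8_t crasher[MAX_INPUT]; size_t clen = 0;
    long it = fuzz(parse_vuln, seed_msg, sizeof seed_msg, 10000, crasher, &clen);
    if (it < 0) { puts("no crash found"); return 0; }
    printf("parse_vuln: out-of-bounds read after %ld iterations, input:", it);
    for (size_t i = 0; i < clen; i++) printf(" %02x", crasher[i]);
    putchar('\n');
    printf("parse_fixed: %s\n", fuzz_finds_oob(parse_fixed, 10000) ? "BUG" : "clean over 10000 runs");
    return 0;
}
```

This is the "dumb" mutation fuzzing the lecture starts from: no grammar and no coverage feedback, just random edits to a known-good input, which is enough here because the bug sits right behind the length byte. Smart fuzzing adds knowledge of the format (for example, recomputing the checksum so the parser gets past it) and feedback about which mutations reached new code.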

Conclusion

Hack Night is designed to culminate in each student developing some kind of deliverable related to computer security, the goal being that everyone leaves the program with more knowledge about security.

Research and Projects

  1. Project Ideas
  2. Project Ideas Wiki