CYBR 611 Vulnerability Discovery and Exploitation

Understanding vulnerability discovery and exploitation is fundamental to cyber operations, equipping professionals with the skills to identify, analyze, and mitigate security weaknesses across various computing environments. This course provides an in-depth exploration of vulnerability analysis, emphasizing the patterns of vulnerabilities and attack methodologies to help students develop a comprehensive security mindset. Students will analyze various types of vulnerabilities, assess their root causes and impact on security, and explore exploitation techniques and mitigation strategies. Key topics include buffer overflows, privilege escalation attacks, input validation flaws, fuzzing, crash dump analysis, exploit development, and security mitigations such as DEP and ASLR. The course also delves into security design principles, guiding students to integrate proactive security measures into system architecture, software development, and risk mitigation frameworks. Through hands-on exercises, students will identify and exploit vulnerabilities in software utilizing common security mitigations, developing proof-of-concept exploits to demonstrate feasibility. Additionally, the course critically examines vulnerability disclosure ethics, analyzing the legal, ethical, and security implications of publicizing discovered vulnerabilities. By the end of the course, students will have developed the technical proficiency and strategic awareness necessary to assess and mitigate security risks, enabling them to effectively protect and strengthen system defenses in real-world environments.

Special information

First day attendance is mandatory.
Prerequisites: Graduate standing. Note: Students are responsible to both be aware of and abide by prerequisites for CYBR courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.