CYBR 611 Vulnerability Discovery and Exploitation
Understanding vulnerability discovery and exploitation is fundamental to cyber operations, equipping professionals with the skills to identify, analyze, and mitigate security weaknesses across various computing environments. This course provides an in-depth exploration of vulnerability analysis, emphasizing the patterns of vulnerabilities and attack methodologies to help students develop a comprehensive security mindset. Students will analyze various types of vulnerabilities, assess their root causes and impact on security, and explore exploitation techniques and mitigation strategies. Key topics include buffer overflows, privilege escalation attacks, input validation flaws, fuzzing, crash dump analysis, exploit development, and security mitigations such as DEP and ASLR. The course also delves into security design principles, guiding students to integrate proactive security measures into system architecture, software development, and risk mitigation frameworks. Through hands-on exercises, students will identify and exploit vulnerabilities in software utilizing common security mitigations, developing proof-of-concept exploits to demonstrate feasibility. Additionally, the course critically examines vulnerability disclosure ethics, analyzing the legal, ethical, and security implications of publicizing discovered vulnerabilities. By the end of the course, students will have developed the technical proficiency and strategic awareness necessary to assess and mitigate security risks, enabling them to effectively protect and strengthen system defenses in real-world environments.
First day attendance is mandatory.
Prerequisites: Graduate standing. Note: Students are responsible to both be aware of and abide by prerequisites for CYBR courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
Special information
Prerequisites: Graduate standing. Note: Students are responsible to both be aware of and abide by prerequisites for CYBR courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
3 Graduate credits
Effective May 6, 2020 to present
Learning outcomes
General
- Analyze various types of vulnerabilities, their root causes, and identify characteristics to assess their impact on security.
- Evaluate methods of vulnerability exploitation and assess corresponding mitigation strategies in different computing environments.
- Synthesize and integrate fundamental security design principles into system design, development, and implementation to minimize security flaws.
- Apply vulnerabilities across different contexts to derive security lessons applicable to alternative environments.
- Investigate and identify vulnerabilities in software utilizing common security mitigations and develop a proof-of-concept exploit to demonstrate feasibility.
- Evaluate and justify the advantages and drawbacks of vulnerability disclosure, weighing ethical, legal, and security implications.
Summer 2025
Section | Title | Instructor | books | eservices |
---|---|---|---|---|
50 | Vulnerability Discovery and Exploitation | Helmus, Jonathan C | Books for CYBR-611-50 Summer 2025 | Course details for CYBR-611-50 Summer 2025 |