SlideShare a Scribd company logo

Engineering & security

Kaushal Parikh
Kaushal Parikh

My take on how we can learn security with Engineering Subjects

Engineering
1 of 15
Download to read offline
Disclaimer: The ideas presented are the views of the author and can be wrong.
Engineering and Security
Agenda ➢ Brief Introduction ➢ Use of Assembly Level Language in Security ➢ Use of Various Other Subjects for Security ➢ Security As a Career & various branches in security. ➢ Question and Answers.
About Me ● Security Enthusiast ● Part time Bounty Hunter ● Certified Ethical Hacker ● CCNA ● php developer.
Brief Introduction Why Security?
Use of Assembly Language in Security ● Reverse Engineering ● Malware Analysis ● Fuzzing ● Buffer Overflows ● Hardcore Hacking i.e. exploiting systems ● Virus writing ● Software Vulnerability analyst
Reverse Engineering ● Fight of developers vs hackers i.e free stuff ;) ● Crack Me’s ● Android R.E ● Code Obfuscation
Buffer Overflows Buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations. This is a special case of the violation of memory safety Let’s see an example
Fuzzing ● Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion. ● A shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability.
Virus Let’s jump to an example
Other Engineering Subjects in Relation with Security ● Computer Networks ● Operating Systems ● Advanced Database Management Systems ● Open Source Technology e.g. Apache ● Virtualization Various Security Domains
Engineering & security

Recommended

Test driven development with sonarQube
Test driven development with sonarQubeTest driven development with sonarQube
Test driven development with sonarQubeNanthakumar Suvethan
 
Security in open source projects
Security in open source projectsSecurity in open source projects
Security in open source projectsJose Manuel Ortega Candel
 
Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?F-Secure Corporation
 
Hacking Vulnerable Websites to Bypass Firewalls
Hacking Vulnerable Websites to Bypass FirewallsHacking Vulnerable Websites to Bypass Firewalls
Hacking Vulnerable Websites to Bypass FirewallsNetsparker
 
Ns
NsNs
NsDeepenti123
 
Fuzzing | Null OWASP Mumbai | 2016 June
Fuzzing | Null OWASP Mumbai | 2016 JuneFuzzing | Null OWASP Mumbai | 2016 June
Fuzzing | Null OWASP Mumbai | 2016 Junenullowaspmumbai
 
Rooted con 2020 - from the heaven to hell in the CI - CD
Rooted con 2020 - from the heaven to hell in the CI - CDRooted con 2020 - from the heaven to hell in the CI - CD
Rooted con 2020 - from the heaven to hell in the CI - CDDaniel Garcia (a.k.a cr0hn)
 
10290057.ppt
10290057.ppt10290057.ppt
10290057.pptImXaib
 

Recommended

Test driven development with sonarQube
Test driven development with sonarQubeTest driven development with sonarQube
Test driven development with sonarQubeNanthakumar Suvethan
 
Security in open source projects
Security in open source projectsSecurity in open source projects
Security in open source projectsJose Manuel Ortega Candel
 
Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?F-Secure Corporation
 
Hacking Vulnerable Websites to Bypass Firewalls
Hacking Vulnerable Websites to Bypass FirewallsHacking Vulnerable Websites to Bypass Firewalls
Hacking Vulnerable Websites to Bypass FirewallsNetsparker
 
Ns
NsNs
NsDeepenti123
 
Fuzzing | Null OWASP Mumbai | 2016 June
Fuzzing | Null OWASP Mumbai | 2016 JuneFuzzing | Null OWASP Mumbai | 2016 June
Fuzzing | Null OWASP Mumbai | 2016 Junenullowaspmumbai
 
Rooted con 2020 - from the heaven to hell in the CI - CD
Rooted con 2020 - from the heaven to hell in the CI - CDRooted con 2020 - from the heaven to hell in the CI - CD
Rooted con 2020 - from the heaven to hell in the CI - CDDaniel Garcia (a.k.a cr0hn)
 
10290057.ppt
10290057.ppt10290057.ppt
10290057.pptImXaib
 
Enterprise PHP
Enterprise PHPEnterprise PHP
Enterprise PHPMohammad Emran Hasan
 
Open source software best practices
Open source software best practicesOpen source software best practices
Open source software best practicesparewalabs
 
Code - Fu: Defensive Programming
Code - Fu: Defensive ProgrammingCode - Fu: Defensive Programming
Code - Fu: Defensive ProgrammingNyarai Tinashe Gomiwa
 
Program security
Program securityProgram security
Program securityG Prachi
 
DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019NotSoSecure Global Services
 
Dont run with scissors
Dont run with scissorsDont run with scissors
Dont run with scissorsMorgan Roman
 
Code - Fu: Defensive Programming
Code - Fu: Defensive ProgrammingCode - Fu: Defensive Programming
Code - Fu: Defensive ProgrammingSovTech
 
Windows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
Windows Offender: Reverse Engineering Windows Defender's Antivirus EmulatorWindows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
Windows Offender: Reverse Engineering Windows Defender's Antivirus EmulatorPriyanka Aash
 
php blunders
php blundersphp blunders
php blundersdecatv
 
SmartphoneHacking_Android_Exploitation
SmartphoneHacking_Android_ExploitationSmartphoneHacking_Android_Exploitation
SmartphoneHacking_Android_ExploitationMalachi Jones
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Maven Logix
 
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)Security Innovation
 
Anatomy of PHP Shells
Anatomy of PHP ShellsAnatomy of PHP Shells
Anatomy of PHP ShellsVedran Krivokuca
 
TSC Summit #3 - Reverse engineering and anti debugging techniques
TSC Summit #3 - Reverse engineering and anti debugging techniquesTSC Summit #3 - Reverse engineering and anti debugging techniques
TSC Summit #3 - Reverse engineering and anti debugging techniquesMikal Villa
 
Continuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityContinuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityVodqaBLR
 
Buffer overflow explained
Buffer overflow explainedBuffer overflow explained
Buffer overflow explainedTeja Babu
 
Year Zero
Year ZeroYear Zero
Year Zeroleifdreizler
 
11 PHP Security #burningkeyboards
11 PHP Security #burningkeyboards11 PHP Security #burningkeyboards
11 PHP Security #burningkeyboardsDenis Ristic
 
Software cracking and patching
Software cracking and patchingSoftware cracking and patching
Software cracking and patchingMayank Gavri
 
CS1101 Unit 1 Discussion Assignment.docx
CS1101 Unit 1 Discussion Assignment.docxCS1101 Unit 1 Discussion Assignment.docx
CS1101 Unit 1 Discussion Assignment.docxzend_alvi
 
Introduction-to- Metrology and Quality.pptx
Introduction-to- Metrology and Quality.pptxIntroduction-to- Metrology and Quality.pptx
Introduction-to- Metrology and Quality.pptxProfASKolap
 
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and ToolsMaximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Toolssoginsider
 

More Related Content

Similar to Engineering & security

Open source software best practices
Open source software best practicesOpen source software best practices
Open source software best practicesparewalabs
 
Program security
Program securityProgram security
Program securityG Prachi
 
Dont run with scissors
Dont run with scissorsDont run with scissors
Dont run with scissorsMorgan Roman
 
Code - Fu: Defensive Programming
Code - Fu: Defensive ProgrammingCode - Fu: Defensive Programming
Code - Fu: Defensive ProgrammingSovTech
 
Windows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
Windows Offender: Reverse Engineering Windows Defender's Antivirus EmulatorWindows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
Windows Offender: Reverse Engineering Windows Defender's Antivirus EmulatorPriyanka Aash
 
php blunders
php blundersphp blunders
php blundersdecatv
 
SmartphoneHacking_Android_Exploitation
SmartphoneHacking_Android_ExploitationSmartphoneHacking_Android_Exploitation
SmartphoneHacking_Android_ExploitationMalachi Jones
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Maven Logix
 
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)Security Innovation
 
TSC Summit #3 - Reverse engineering and anti debugging techniques
TSC Summit #3 - Reverse engineering and anti debugging techniquesTSC Summit #3 - Reverse engineering and anti debugging techniques
TSC Summit #3 - Reverse engineering and anti debugging techniquesMikal Villa
 
Continuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityContinuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityVodqaBLR
 
Buffer overflow explained
Buffer overflow explainedBuffer overflow explained
Buffer overflow explainedTeja Babu
 
11 PHP Security #burningkeyboards
11 PHP Security #burningkeyboards11 PHP Security #burningkeyboards
11 PHP Security #burningkeyboardsDenis Ristic
 
Software cracking and patching
Software cracking and patchingSoftware cracking and patching
Software cracking and patchingMayank Gavri
 
CS1101 Unit 1 Discussion Assignment.docx
CS1101 Unit 1 Discussion Assignment.docxCS1101 Unit 1 Discussion Assignment.docx
CS1101 Unit 1 Discussion Assignment.docxzend_alvi
 

Similar to Engineering & security (20)

Enterprise PHP
Enterprise PHPEnterprise PHP
Enterprise PHP
 
Open source software best practices
Open source software best practicesOpen source software best practices
Open source software best practices
 
Code - Fu: Defensive Programming
Code - Fu: Defensive ProgrammingCode - Fu: Defensive Programming
Code - Fu: Defensive Programming
 
Program security
Program securityProgram security
Program security
 
DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019
 
Dont run with scissors
Dont run with scissorsDont run with scissors
Dont run with scissors
 
Code - Fu: Defensive Programming
Code - Fu: Defensive ProgrammingCode - Fu: Defensive Programming
Code - Fu: Defensive Programming
 
Windows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
Windows Offender: Reverse Engineering Windows Defender's Antivirus EmulatorWindows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
Windows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
 
php blunders
php blundersphp blunders
php blunders
 
SmartphoneHacking_Android_Exploitation
SmartphoneHacking_Android_ExploitationSmartphoneHacking_Android_Exploitation
SmartphoneHacking_Android_Exploitation
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening
 
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
 
Anatomy of PHP Shells
Anatomy of PHP ShellsAnatomy of PHP Shells
Anatomy of PHP Shells
 
TSC Summit #3 - Reverse engineering and anti debugging techniques
TSC Summit #3 - Reverse engineering and anti debugging techniquesTSC Summit #3 - Reverse engineering and anti debugging techniques
TSC Summit #3 - Reverse engineering and anti debugging techniques
 
Continuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityContinuous security testing - sharing responsibility
Continuous security testing - sharing responsibility
 
Buffer overflow explained
Buffer overflow explainedBuffer overflow explained
Buffer overflow explained
 
Year Zero
Year ZeroYear Zero
Year Zero
 
11 PHP Security #burningkeyboards
11 PHP Security #burningkeyboards11 PHP Security #burningkeyboards
11 PHP Security #burningkeyboards
 
Software cracking and patching
Software cracking and patchingSoftware cracking and patching
Software cracking and patching
 
CS1101 Unit 1 Discussion Assignment.docx
CS1101 Unit 1 Discussion Assignment.docxCS1101 Unit 1 Discussion Assignment.docx
CS1101 Unit 1 Discussion Assignment.docx
 

Recently uploaded

Introduction-to- Metrology and Quality.pptx
Introduction-to- Metrology and Quality.pptxIntroduction-to- Metrology and Quality.pptx
Introduction-to- Metrology and Quality.pptxProfASKolap
 
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and ToolsMaximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Toolssoginsider
 
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdfInstruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdfEr.Sonali Nasikkar
 
analog-vs-digital-communication (concept of analog and digital).pptx
analog-vs-digital-communication (concept of analog and digital).pptxanalog-vs-digital-communication (concept of analog and digital).pptx
analog-vs-digital-communication (concept of analog and digital).pptxKarpagam Institute of Teechnology
 
CLOUD COMPUTING SERVICES - Cloud Reference Modal
CLOUD COMPUTING SERVICES - Cloud Reference ModalCLOUD COMPUTING SERVICES - Cloud Reference Modal
CLOUD COMPUTING SERVICES - Cloud Reference ModalSwarnaSLcse
 
UNIT 4 PTRP final Convergence in probability.pptx
UNIT 4 PTRP final Convergence in probability.pptxUNIT 4 PTRP final Convergence in probability.pptx
UNIT 4 PTRP final Convergence in probability.pptxkalpana413121
 
Developing a smart system for infant incubators using the internet of things ...
Developing a smart system for infant incubators using the internet of things ...Developing a smart system for infant incubators using the internet of things ...
Developing a smart system for infant incubators using the internet of things ...IJECEIAES
 
engineering chemistry power point presentation
engineering chemistry power point presentationengineering chemistry power point presentation
engineering chemistry power point presentationsj9399037128
 
Geometric constructions Engineering Drawing.pdf
Geometric constructions Engineering Drawing.pdfGeometric constructions Engineering Drawing.pdf
Geometric constructions Engineering Drawing.pdfJNTUA
 
Presentation on Slab, Beam, Column, and Foundation/Footing
Presentation on Slab, Beam, Column, and Foundation/FootingPresentation on Slab, Beam, Column, and Foundation/Footing
Presentation on Slab, Beam, Column, and Foundation/FootingEr. Suman Jyoti
 
DBMS-Report on Student management system.pptx
DBMS-Report on Student management system.pptxDBMS-Report on Student management system.pptx
DBMS-Report on Student management system.pptxrajjais1221
 
Passive Air Cooling System and Solar Water Heater.ppt
Passive Air Cooling System and Solar Water Heater.pptPassive Air Cooling System and Solar Water Heater.ppt
Passive Air Cooling System and Solar Water Heater.pptamrabdallah9
 
handbook on reinforce concrete and detailing
handbook on reinforce concrete and detailinghandbook on reinforce concrete and detailing
handbook on reinforce concrete and detailingAshishSingh1301
 
Path loss model, OKUMURA Model, Hata Model
Path loss model, OKUMURA Model, Hata ModelPath loss model, OKUMURA Model, Hata Model
Path loss model, OKUMURA Model, Hata ModelDrAjayKumarYadav4
 
Databricks Generative AI Fundamentals .pdf
Databricks Generative AI Fundamentals .pdfDatabricks Generative AI Fundamentals .pdf
Databricks Generative AI Fundamentals .pdfVinayVadlagattu
 
What is Coordinate Measuring Machine? CMM Types, Features, Functions
What is Coordinate Measuring Machine? CMM Types, Features, FunctionsWhat is Coordinate Measuring Machine? CMM Types, Features, Functions
What is Coordinate Measuring Machine? CMM Types, Features, FunctionsVIEW
 
Artificial Intelligence in due diligence
Artificial Intelligence in due diligenceArtificial Intelligence in due diligence
Artificial Intelligence in due diligencemahaffeycheryld
 
Working Principle of Echo Sounder and Doppler Effect.pdf
Working Principle of Echo Sounder and Doppler Effect.pdfWorking Principle of Echo Sounder and Doppler Effect.pdf
Working Principle of Echo Sounder and Doppler Effect.pdfSkNahidulIslamShrabo
 
☎️Looking for Abortion Pills? Contact +27791653574.. 💊💊Available in Gaborone ...
☎️Looking for Abortion Pills? Contact +27791653574.. 💊💊Available in Gaborone ...☎️Looking for Abortion Pills? Contact +27791653574.. 💊💊Available in Gaborone ...
☎️Looking for Abortion Pills? Contact +27791653574.. 💊💊Available in Gaborone ...mikehavy0
 
Artificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdfArtificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdfKira Dess
 

Recently uploaded (20)

Introduction-to- Metrology and Quality.pptx
Introduction-to- Metrology and Quality.pptxIntroduction-to- Metrology and Quality.pptx
Introduction-to- Metrology and Quality.pptx
 
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and ToolsMaximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
Maximizing Incident Investigation Efficacy in Oil & Gas: Techniques and Tools
 
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdfInstruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
 
analog-vs-digital-communication (concept of analog and digital).pptx
analog-vs-digital-communication (concept of analog and digital).pptxanalog-vs-digital-communication (concept of analog and digital).pptx
analog-vs-digital-communication (concept of analog and digital).pptx
 
CLOUD COMPUTING SERVICES - Cloud Reference Modal
CLOUD COMPUTING SERVICES - Cloud Reference ModalCLOUD COMPUTING SERVICES - Cloud Reference Modal
CLOUD COMPUTING SERVICES - Cloud Reference Modal
 
UNIT 4 PTRP final Convergence in probability.pptx
UNIT 4 PTRP final Convergence in probability.pptxUNIT 4 PTRP final Convergence in probability.pptx
UNIT 4 PTRP final Convergence in probability.pptx
 
Developing a smart system for infant incubators using the internet of things ...
Developing a smart system for infant incubators using the internet of things ...Developing a smart system for infant incubators using the internet of things ...
Developing a smart system for infant incubators using the internet of things ...
 
engineering chemistry power point presentation
engineering chemistry power point presentationengineering chemistry power point presentation
engineering chemistry power point presentation
 
Geometric constructions Engineering Drawing.pdf
Geometric constructions Engineering Drawing.pdfGeometric constructions Engineering Drawing.pdf
Geometric constructions Engineering Drawing.pdf
 
Presentation on Slab, Beam, Column, and Foundation/Footing
Presentation on Slab, Beam, Column, and Foundation/FootingPresentation on Slab, Beam, Column, and Foundation/Footing
Presentation on Slab, Beam, Column, and Foundation/Footing
 
DBMS-Report on Student management system.pptx
DBMS-Report on Student management system.pptxDBMS-Report on Student management system.pptx
DBMS-Report on Student management system.pptx
 
Passive Air Cooling System and Solar Water Heater.ppt
Passive Air Cooling System and Solar Water Heater.pptPassive Air Cooling System and Solar Water Heater.ppt
Passive Air Cooling System and Solar Water Heater.ppt
 
handbook on reinforce concrete and detailing
handbook on reinforce concrete and detailinghandbook on reinforce concrete and detailing
handbook on reinforce concrete and detailing
 
Path loss model, OKUMURA Model, Hata Model
Path loss model, OKUMURA Model, Hata ModelPath loss model, OKUMURA Model, Hata Model
Path loss model, OKUMURA Model, Hata Model
 
Databricks Generative AI Fundamentals .pdf
Databricks Generative AI Fundamentals .pdfDatabricks Generative AI Fundamentals .pdf
Databricks Generative AI Fundamentals .pdf
 
What is Coordinate Measuring Machine? CMM Types, Features, Functions
What is Coordinate Measuring Machine? CMM Types, Features, FunctionsWhat is Coordinate Measuring Machine? CMM Types, Features, Functions
What is Coordinate Measuring Machine? CMM Types, Features, Functions
 
Artificial Intelligence in due diligence
Artificial Intelligence in due diligenceArtificial Intelligence in due diligence
Artificial Intelligence in due diligence
 
Working Principle of Echo Sounder and Doppler Effect.pdf
Working Principle of Echo Sounder and Doppler Effect.pdfWorking Principle of Echo Sounder and Doppler Effect.pdf
Working Principle of Echo Sounder and Doppler Effect.pdf
 
☎️Looking for Abortion Pills? Contact +27791653574.. 💊💊Available in Gaborone ...
☎️Looking for Abortion Pills? Contact +27791653574.. 💊💊Available in Gaborone ...☎️Looking for Abortion Pills? Contact +27791653574.. 💊💊Available in Gaborone ...
☎️Looking for Abortion Pills? Contact +27791653574.. 💊💊Available in Gaborone ...
 
Artificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdfArtificial intelligence presentation2-171219131633.pdf
Artificial intelligence presentation2-171219131633.pdf
 

Engineering & security

  • 1. Disclaimer: The ideas presented are the views of the author and can be wrong.
  • 3. Agenda ➢ Brief Introduction ➢ Use of Assembly Level Language in Security ➢ Use of Various Other Subjects for Security ➢ Security As a Career & various branches in security. ➢ Question and Answers.
  • 4. About Me ● Security Enthusiast ● Part time Bounty Hunter ● Certified Ethical Hacker ● CCNA ● php developer.
  • 6. Use of Assembly Language in Security ● Reverse Engineering ● Malware Analysis ● Fuzzing ● Buffer Overflows ● Hardcore Hacking i.e. exploiting systems ● Virus writing ● Software Vulnerability analyst
  • 7. Reverse Engineering ● Fight of developers vs hackers i.e free stuff ;) ● Crack Me’s ● Android R.E ● Code Obfuscation
  • 8. Buffer Overflows Buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations. This is a special case of the violation of memory safety Let’s see an example
  • 9.
  • 10. Fuzzing ● Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion. ● A shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability.
  • 11.
  • 12. Virus Let’s jump to an example
  • 13.
  • 14. Other Engineering Subjects in Relation with Security ● Computer Networks ● Operating Systems ● Advanced Database Management Systems ● Open Source Technology e.g. Apache ● Virtualization Various Security Domains