Many organizations deploy private registry servers in their internal/external application development/deployment environment. Unfortunately, most often, these servers are not securely deployed. In this entirely lab based course, we will look at various configurational vulnerabilities in docker registry servers. In these labs we have used common deployment architectures of a registry server and shown how an attacker can get valuable information out of images stored on the server.
This course will familiarize students with all aspects of reverse engineering (reversing) Windows 32-bit applications for the purposes of locating flaws and developing exploits. By the end of this course students will be able to understand, locate, and exploit all of the common flows in 32-bit Windows software. These flaws include, but are not limited to, buffer overflow, heap overflows, format string flaws, section overflows, and kernel flaws. Along the way students will gain a better understanding of how Windows 32-bit applications work and will be exposed to a number of common reversing tools such as specialized debuggers (IDA Pro) and fuzzers. As always, you will also learn how to leverage Python and other scripting tools in order to automate the discovery and exploitation of software flaws.