http://ocw.cs.pub.ro/courses/ 2026-05-17T00:59:21+03:00 http://ocw.cs.pub.ro/courses/ http://ocw.cs.pub.ro/courses/lib/tpl/arctic/images/favicon.ico text/html 2019-10-07T14:42:42+03:00 http://ocw.cs.pub.ro/courses/cns/extra/assembly-language?rev=1570448562&do=diff * Slides * Keywords: assembly, mnemonics, instructions, architecture, ISA, registers, addressing modes, CISC and RISC, memory-to-memory, load-store, assembling, linking, control flow, arithmetic/logical, data transfer, function calls, system calls, disassembling, objdump, NOP text/html 2019-10-07T14:51:21+03:00 http://ocw.cs.pub.ro/courses/cns/extra/dynamic-analysis?rev=1570449081&do=diff * Slides * Keywords: static analysis, dynamic analysis, process, blackbox, profiling, debugging, fuzzing, strace / ltrace, lsof / pmap, perf, GDB, LLDB, JTAG, breakpoint, info, examine, ni, si, backtrace, up, down, write, searchmem, dynamic linking, dynamic loading, lazy binding, trampoline, PLT, GOT text/html 2020-10-11T15:11:33+03:00 http://ocw.cs.pub.ro/courses/cns/extra/gdb?rev=1602418293&do=diff Getting help with GDB Whenever you want to find out more information about GDB commands feel free to search for it inside the documentation or by using the help command followed by your area of interest. For example searching for help for the disassemble command can be obtained by running the following command in GDB: text/html 2020-11-02T16:10:40+03:00 http://ocw.cs.pub.ro/courses/cns/extra/ida?rev=1604326240&do=diff Debugging with IDA IDA is a: * disassembler (As a disassembler, IDA explores binary programs, for which source code isn't always available, to create maps of their execution) * debugger ( IDA can be used as a local and as a remote debugger on various platforms, including the ubiquitous 80×86, typically Windows/Linux and the ARM platform and other platforms) * decompiler (IDA can transform binary applications into a high level readable text. Unlike disassemblers, which perform the same … text/html 2017-01-28T16:43:45+03:00 http://ocw.cs.pub.ro/courses/cns/extra/start?rev=1485614625&do=diff Extra resources for the CNS class, such as old labs. extra index text/html 2019-10-07T14:50:55+03:00 http://ocw.cs.pub.ro/courses/cns/extra/static-analysis?rev=1570449055&do=diff * Slides * Keywords: static analysis, dynamic analysis, executable, ELF, library, object file, readelf, section, segment, access rights, disassembling, objdump, nm, symbols, linker, ld, static linking, dynamic linking Demos For obtaining the demo archive, run the following commands: text/html 2017-01-28T16:42:25+03:00 http://ocw.cs.pub.ro/courses/cns/extra/web-app-security-01?rev=1485614545&do=diff Resources * Google search options * Wapiti, Skipfish * Burp * HTTP methods: GET vs. POST * RFC 6265: HTTP State Management Mechanism Supporting files For this lab, install the Burp suite. Download the free version, copy it in the home directory and run it later using: text/html 2022-03-14T12:42:41+03:00 http://ocw.cs.pub.ro/courses/cns/extra/web-app-security-02?rev=1647254561&do=diff Resources * OWASP Testing Guide v4, Section 4.8 Input validation testing * Command injection * SQL Cheat Sheet - Oracle SQL & PostgreSQL * SQL injection * SQL Injection Cheat Sheet * Reflected XSS versus Stored XSS * DOM-based XSS * Same-origin policy * Burp Suite Cheat Sheet