SecTalks is a non-profit community that runs monthly sessions for technical security talks, and hands-on security challenges! A forum to learn & discuss technical (in)security stuff. We have a mix of sessions for both beginners and security professionals.
Thanks to our Sponsors - PwC Sydney ( https://pwc.com.au ) - elttam ( https://elttam.com.au ): an Australian specialised IT security firm that provides independent security consulting and training services. - Tyro Payments ( https://tyro.com ): an Australian financial "fintech" institution specialising in merchant credit, debit and EFTPOS acquiring. - Atlassian Sydney ( https://atlassian.com ): an Australian enterprise software company that develops products for software developers, project managers, and content management.
As promised, this is the first in series of Secure Programming Workshops.
# Numeric Overflow
Numeric overflow (and underflow) is a security bug that can effect many programs and appear in almost every programming language or framework. From Aviation industry to video games, this bug has resulted into severe security vulnerabilities. It can go undetected easily and programming language frameworks have failed to address it. A programmer should be aware what Numeric Overflow is and how to eliminate it effectively.
This workshop is divided into two parts: theory (lecture) and hands-on (lab).
In the first part, we are going to learn what numeric overflow (and underflow) is and deep dive into computer internals to understand why it happens.
In the second part, we are going to find and effectively patch this bug in a given program. We will learn how to detect this bug at run-time (blackbox) and by code-review (whitebox). We will then learn what are effective ways to address this bug.
by Dr. Pedram (pi3ch) Hayati
To do the lab you need well-configured docker and make utility.
# Call for participation
For the second part, I want to make this workshop interactive.
Atlassian Sydney (https://bit.ly/2Hk2qX1)
Google Sydney (https://bit.ly/2IiKrCm)
For sponsoring SecTalks Sydney, Please contact [masked]