CSE 363: Offensive Security, Spring 2026

Introduction and Basic Concepts

Reflections on Trusting Trust
Why Offensive Security Needs Engineering Textbooks

Threat Landscape and Basic Security Principles

The Protection of Information in Computer Systems
ENISA Threat Landscape 2025
Buying Spying: Insights into Commercial Surveillance Vendors
MITRE ATT&CK®

Ethics

Legal Issues Surrounding Monitoring During Network Research
About Penetration Testing
Markets for Zero-Day Exploits: Ethics and Implications
Cybercrime: An Overview of the Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws
Project Zero: Policy and Disclosure: 2025 Edition
The Shapeshifting Crypto Wars
Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversations
A Researcher’s Guide to Some Legal Risks of Security Research

Network Sniffing

tcpdump
Wireshark
Scapy

Network Traffic Interception

Beej's Guide to Network Concepts
Deep dive into QUANTUM INSERT
airpwn-ng

Network Traffic Interception

Transport Layer Security (TLS)
sslstrip
Bettercap
Performing & Preventing SSL Stripping: A Plain-English Primer

DNS Attacks

Using the Domain Name System for System Break-ins
Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority
Hold-On: Protecting Against On-Path DNS Poisoning
The Hitchhiker’s Guide to DNS Cache Poisoning
An Illustrated Guide to the Kaminsky DNS Vulnerability
DNS security threats and mitigations
DNS Security: Threat Modeling DNSSEC, DoT, and DoH
DNSSEC Deconstructed
Adopting Encrypted DNS in Enterprise Environments
A simple DNS lookup tool

Reconnaissance

nmap
The Art of Port Scanning
Remote OS detection via TCP/IP Stack FingerPrinting
ZMap: Fast Internet-Wide Scanning and its Security Applications
A Brief History of Scanning
An Internet-Wide View of Internet-Wide Scanning

Cancelled due to snow DoS attack

Denial of Service Attacks

Inferring Internet Denial-of-Service Activity
A Taxonomy of DDoS Attack and DDoS Defense Mechanisms
Amplification Hell: Revisiting Network Protocols for DDoS Abuse
China’s Great Cannon

Tunneling

Walls and Gates
Everything VPN is New Again
Wireguard
Algo VPN
Embracing a Zero Trust Security Model
Zero Trust Architecture
BeyondProd: A new approach to cloud-native security

Authentication

A Framework for Comparative Evaluation of Web Authentication Schemes
Dos and Don’ts of Client Authentication on the Web
Designing an Authentication System: a Dialogue in Four Scenes
Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials
zxcvbn

Authentication

Midterm

No Class: Spring Recess

No Class: Spring Recess

Reverse Engineering

Intel® 64 and IA-32 Architectures Software Developer Manuals
x86 Assembly
Understanding Windows x64 Assembly
Gustavo Duarte's Software Illustrated blog posts
NASM Assembly Language Tutorials
Computer Science from the Bottom Up

Reverse Engineering

Introduction to Reverse Engineering Win32 Applications
Reverse Engineering for Beginners
How main() is executed on Linux
Reverse Engineering Challenges
System V Application Binary Interface
Malware-Analysis-Training
angr
(State of) The Art of War: Offensive Techniques in Binary Analysis

Software Vulnerabilities

Low-level Software Security: Attacks and Defenses
OWASP: Vulnerabilities
Heap Exploitation Part 1: Understanding the Glibc Heap Implementation
Format String Attacks
Vudo malloc tricks
Once upon a free()...
Basic Integer Overflows

Vulnerability Discovery

Fuzz Testing of Application Reliability
Evaluating Fuzz Testing
The Fuzzing Book: Tools and Techniques for Generating Software Tests
Awesome Fuzzing
American Fuzzy Lop
SoK: Sanitizing for Security
Undefined Behavior in 2017
Static Source Code Analysis Tools for C
Automated vulnerability auditing in machine code
Dynamic Program Analysis and Software Exploitation: From the crash to the exploit code
Cyber Grand Shellphish

No Class

Vulnerability Exploitation

Smashing The Stack For Fun And Profit
Tao of Windows Buffer Overflow
The Internet Worm Program: An Analysis
Crash course on buffer overflows by the 10K Students initiative
Using GDB to Develop Exploits - A Basic Run Through
Getting around non-executable stack (and fix)
non-exec stack
The advanced return-into-lib(c) exploits: PaX case study
x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique
Return-Oriented Programming: Systems, Languages, and Applications
Documentation for the PaX project
Scraps of notes on remote stack overflow exploitation
Bypassing StackGuard and StackShield
Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization
SoK: Eternal War in Memory

Malware

The Art of Computer Virus Research and Defense
How to 0wn the Internet in Your Spare Time
Manufacturing Compromise: The Emergence of Exploit-as-a-Service
Evasive Malware Exposed and Deconstructed
The Inside Story Behind MS08-067
NTIllusion: A portable Win32 userland rootkit

Social Engineering

Large Language Models

Physical Security

Guest Lecture

No Class

Anonymity

OPSEC