{"id":3401,"date":"2021-05-11T08:46:03","date_gmt":"2021-05-11T07:46:03","guid":{"rendered":"https:\/\/cyberschool.univ-rennes.fr\/?page_id=3401"},"modified":"2026-03-12T14:29:50","modified_gmt":"2026-03-12T13:29:50","slug":"software-exploitation","status":"publish","type":"page","link":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/","title":{"rendered":"Software Exploitation"},"content":{"rendered":"\n<section class=\"txt\">\n    <div class=\"container\">\n        <div class=\"bloc-txt\">\n                            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Teaching goals<\/h2>\n                        <p>By the end of this course, students will be able to:<\/p>\n<ul>\n<li>Understand internal memory management mechanisms in C programs.<\/li>\n<li>Identify memory-related vulnerabilities.<\/li>\n<li>Write simple exploits for vulnerable binaries.<\/li>\n<li>Develop custom shellcodes.<\/li>\n<li>Understand and bypass protections such as NX, ASLR, PIE, and stack canaries.<\/li>\n<li>Implement code-reuse attacks (ROP, ret2libc).<\/li>\n<li>Assess memory security risks in software development.<\/li>\n<\/ul>\n\n        <\/div>\n    <\/div>\n<\/section>\n\n\n\n<section class=\"txt\">\n    <div class=\"container\">\n        <div class=\"bloc-txt\">\n                            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Course description<\/h2>\n                        <p>This course provides a hands-on introduction to software vulnerability exploitation. Students will learn to identify and exploit various vulnerabilities: stack and heap buffer overflows, shellcode injection, code-reuse techniques (ret2libc, ROP), format string attacks, etc. The course also covers defense mechanisms such as NX, ASLR, PIE, and stack canaries, and how to bypass them in a controlled environment.<\/p>\n\n        <\/div>\n    <\/div>\n<\/section>\n\n\n\n<section class=\"txt\">\n    <div class=\"container\">\n        <div class=\"bloc-txt\">\n                            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Course content<\/h2>\n                        <ol>\n<li>Introduction to x86 architecture<\/li>\n<li>Stack buffer overflow exploitation<\/li>\n<li>Shellcode development<\/li>\n<li>Code-reuse attacks<\/li>\n<li>Format string attacks<\/li>\n<li>Heap exploitation techniques<\/li>\n<\/ol>\n\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section class=\"tuiles\">\n    <div class=\"container\">\n                <div class=\"bloc\">\n            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Prerequisites<\/h2>\n            <p>Basic knowledge of C programming, computer architecture, operating systems, and Linux usage.<\/p>\n\n                    <\/div>\n            <\/div>\n<\/section>\n\n\n\n<section class=\"txt\">\n    <div class=\"container\">\n        <div class=\"bloc-txt\">\n                            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Bibliography<\/h2>\n                        <div class=\"contain-txt\">\n<ul>\n<li aria-level=\"1\">Secure Coding in C and C++ (2nd edition), by Robert C. Seacord, 2013.<\/li>\n<li aria-level=\"1\">The Shellcoder\u2019s Handbook: Discovering and Exploiting Security Holes (2nd edition), by Chris Anley, John Heasman, Felix Lindner, and Gerardo Richarte, 2007.<\/li>\n<li aria-level=\"1\">Learning Linux Binary Analysis, by Ryan O\u2019Neill, 2016.<\/li>\n<li aria-level=\"1\">Hacking: The Art of Exploitation (2nd edition), by Jon Erickson, 2008.<\/li>\n<\/ul>\n<\/div>\n\n        <\/div>\n    <\/div>\n<\/section>\n\n\n\n<section class=\"txt\">\n    <div class=\"container\">\n        <div class=\"bloc-txt\">\n                            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Biography<\/h2>\n                        <p><strong>Benjamin Farinier<\/strong> is an Associate Professor (Ma\u00eetre de Conf\u00e9rences) at the University of Rennes, in the EPICURE research team. He is primarily interested in the formal verification of safety and security properties, from low-level binary code to high-level specifications.<\/p>\n\n        <\/div>\n    <\/div>\n<\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":2,"featured_media":0,"parent":11707,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.13 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Software Exploitation - CyberSchool<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Software Exploitation - CyberSchool\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/\" \/>\n<meta property=\"og:site_name\" content=\"CyberSchool\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CSchoolRennes\/\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-12T13:29:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cyberschool.univ-rennes.fr\/app\/uploads\/2021\/02\/cover-social-network.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@CSchoolRennes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/\",\"url\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/\",\"name\":\"Software Exploitation - CyberSchool\",\"isPartOf\":{\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/#website\"},\"datePublished\":\"2021-05-11T07:46:03+00:00\",\"dateModified\":\"2026-03-12T13:29:50+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Education\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Master\u2019s and postgraduate programmes\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Master\u2019s Cybersecurity, Science of Software and Hardware Security\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Study programme of the Master\u2019s Cybersecurity, Science of Software and Hardware Security\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/\"},{\"@type\":\"ListItem\",\"position\":6,\"name\":\"Software Exploitation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/#website\",\"url\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/\",\"name\":\"CyberSchool\",\"description\":\"Just another WordPress site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Software Exploitation - CyberSchool","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/","og_locale":"en_US","og_type":"article","og_title":"Software Exploitation - CyberSchool","og_url":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/","og_site_name":"CyberSchool","article_publisher":"https:\/\/www.facebook.com\/CSchoolRennes\/","article_modified_time":"2026-03-12T13:29:50+00:00","og_image":[{"width":1500,"height":500,"url":"https:\/\/cyberschool.univ-rennes.fr\/app\/uploads\/2021\/02\/cover-social-network.jpeg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@CSchoolRennes","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/","url":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/","name":"Software Exploitation - CyberSchool","isPartOf":{"@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/#website"},"datePublished":"2021-05-11T07:46:03+00:00","dateModified":"2026-03-12T13:29:50+00:00","breadcrumb":{"@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/software-exploitation\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/"},{"@type":"ListItem","position":2,"name":"Education","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/"},{"@type":"ListItem","position":3,"name":"Master\u2019s and postgraduate programmes","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/"},{"@type":"ListItem","position":4,"name":"Master\u2019s Cybersecurity, Science of Software and Hardware Security","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/"},{"@type":"ListItem","position":5,"name":"Study programme of the Master\u2019s Cybersecurity, Science of Software and Hardware Security","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/"},{"@type":"ListItem","position":6,"name":"Software Exploitation"}]},{"@type":"WebSite","@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/#website","url":"https:\/\/cyberschool.univ-rennes.fr\/en\/","name":"CyberSchool","description":"Just another WordPress site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cyberschool.univ-rennes.fr\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/3401"}],"collection":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/comments?post=3401"}],"version-history":[{"count":28,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/3401\/revisions"}],"predecessor-version":[{"id":18453,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/3401\/revisions\/18453"}],"up":[{"embeddable":true,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/11707"}],"wp:attachment":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/media?parent=3401"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}