This repository presents three practical software security case studies performed in a controlled lab environment to demonstrate how software vulnerabilities can be exploited and analyzed for academic learning.
A stack-based buffer overflow simulation where stack protections were disabled, memory addresses were analyzed using GDB, and crafted payloads were used to overwrite the return address.
A controlled exploit showing how non-executable stack protection can be bypassed by redirecting execution flow to existing libc functions such as system().
A symbolic link race condition attack demonstrating how improper file access validation in Set-UID programs can lead to privilege escalation.
- Understand common software vulnerabilities
- Analyze exploit mechanics
- Study memory behavior during attacks
- Practice secure coding awareness
Shahad Alharbi a student at the University of Jeddah, College of Computer Science and Engineering
These labs were conducted strictly for educational purposes in a secure lab environment.