1 of 149

Introduction to

Cybersecurity

David J. Malan

malan@harvard.edu

2 of 149

Souvenir Photo

3 of 149

Introduction to

Cybersecurity

David J. Malan

malan@harvard.edu

4 of 149

Securing Software

5 of 149

Phishing

6 of 149

<!DOCTYPE html>

<html>

<body>

</body>

</html>

7 of 149

<p>...</p>

8 of 149

<script>...</script>

9 of 149

<a>Harvard</a>

10 of 149

<a href="…">Harvard</a>

11 of 149

<a href="https://harvard.edu">Harvard</a>

12 of 149

13 of 149

14 of 149

<a href="https://harvard.edu">Harvard</a>

15 of 149

<a href="https://harvard.edu">harvard.edu</a>

16 of 149

17 of 149

<a href="https://harvard.edu">harvard.edu</a>

18 of 149

<a href="https://harvard.edu">https://harvard.edu</a>

19 of 149

20 of 149

<a href="https://harvard.edu">https://harvard.edu</a>

21 of 149

<a href="https://yale.edu">https://harvard.edu</a>

22 of 149

23 of 149

Code Injection

24 of 149

Cross-Site Scripting

(XSS)

25 of 149

26 of 149

27 of 149

28 of 149

<p>About 6,420,000,000 cats</p>

29 of 149

30 of 149

31 of 149

32 of 149

<p>About 6,420,000,000 cats</p>

33 of 149

<p>About 6,420,000,000 <script>alert('attack')</script></p>

34 of 149

<p>About 6,420,000,000 <script>alert('attack')</script></p>

35 of 149

36 of 149

37 of 149

Reflected

38 of 149

<a href="…">…</a>

39 of 149

40 of 149

<a href="…">…</a>

41 of 149

<a href="https://www.google.com/search?q=cats">cats</a>

42 of 149

<a href="https://www.google.com/search?q=cats">cats</a>

43 of 149

<a href="https://www.google.com/search?q=cats">cats</a>

44 of 149

<a href="https://www.google.com/search?q=%3Cscript%3Ealert%28%27attack%27%29%3C%2Fscript%3E">cats</a>

45 of 149

<a href="https://www.google.com/search?q=%3Cscript%3Ealert%28%27attack%27%29%3C%2Fscript%3E">cats</a>

46 of 149

<a href="https://www.google.com/search?q=%3Cscript%3Ealert%28%27attack%27%29%3C%2Fscript%3E">cats</a>

47 of 149

<script>alert('attack')</script>

48 of 149

<script>alert(document.cookie)</script>

49 of 149

Stored

50 of 149

51 of 149

52 of 149

53 of 149

Character Escapes

54 of 149

<p>About 6,420,000,000 <script>alert('attack')</script></p>

55 of 149

<p>About 6,420,000,000 &lt;script&gt;alert('attack')&lt;/script&gt;</p>

56 of 149

<p>About 6,420,000,000 &lt;script&gt;alert('attack')&lt;/script&gt;</p>

57 of 149

&lt; (<)

&gt; (>)

&amp; (&)

&quot; (")

&apos; (')

58 of 149

Content-Security-Policy: script-src https://example.com/

59 of 149

<script src="…"></script>

60 of 149

Content-Security-Policy: style-src https://example.com/

61 of 149

<link href="…" rel="stylesheet">

62 of 149

SQL Injection

63 of 149

SELECT * FROM users

WHERE username = '{username}'

64 of 149

SELECT * FROM users

WHERE username = '{username}'

65 of 149

malan

66 of 149

malan'; DELETE FROM users; –-

67 of 149

SELECT * FROM users

WHERE username = '{username}'

68 of 149

SELECT * FROM users

WHERE username = 'malan'; DELETE FROM users; --'

69 of 149

SELECT * FROM users

WHERE username = 'malan';

DELETE FROM users;

70 of 149

SELECT * FROM users

WHERE username = '{username}' AND password = '{password}'

71 of 149

SELECT * FROM users

WHERE username = '{username}' AND password = '{password}'

72 of 149

malan

73 of 149

' OR '1'='1

74 of 149

SELECT * FROM users

WHERE username = 'malan' AND password = '' OR '1'='1'

75 of 149

SELECT * FROM users

WHERE username = 'malan' AND password = ''

OR '1'='1'

76 of 149

SELECT * FROM users

WHERE (username = 'malan' AND password = '')

OR '1'='1'

77 of 149

SELECT * FROM users

WHERE '1'='1'

78 of 149

Prepared Statements

79 of 149

'

80 of 149

''

81 of 149

SELECT * FROM users

WHERE username = '{username}'

82 of 149

SELECT * FROM users

WHERE username = ?

83 of 149

SELECT * FROM users

WHERE username = 'malan''; DELETE FROM users; --'

84 of 149

SELECT * FROM users

WHERE username = '{username}' AND password = '{password}'

85 of 149

SELECT * FROM users

WHERE username = ? AND password = ?

86 of 149

SELECT * FROM users

WHERE username = 'malan' AND password = ''' OR ''1''=''1'

87 of 149

Command Injection

88 of 149

system

89 of 149

eval

90 of 149

Developer Tools

91 of 149

<input disabled type="checkbox">

92 of 149

<input disabled type="checkbox">

93 of 149

<input type="checkbox">

94 of 149

Client-Side Validation

95 of 149

<input required type="text">

96 of 149

<input required type="text">

97 of 149

<input type="text">

98 of 149

Server-Side Validation

99 of 149

Cross-Site Request Forgery

(CSRF)

100 of 149

GET

101 of 149

<a href="https://www.amazon.com/dp/B07XLQ2FSK">Buy Now</a>

102 of 149

<a href="https://www.amazon.com/dp/B07XLQ2FSK">Buy Now</a>

103 of 149

<img src="https://www.amazon.com/dp/B07XLQ2FSK">

104 of 149

POST

105 of 149

<form action="https://www.amazon.com/" method="post">

<input name="dp" type="hidden" value="B07XLQ2FSK">

<button type="submit">Buy Now</button>

</form>

106 of 149

<form action="https://www.amazon.com/" method="post">

<input name="dp" type="hidden" value="B07XLQ2FSK">

<button type="submit">Buy Now</button>

</form>

107 of 149

<form action="https://www.amazon.com/" method="post">

<input name="dp" type="hidden" value="B07XLQ2FSK">

<button type="submit">Buy Now</button>

</form>

108 of 149

<form action="https://www.amazon.com/" method="post">

<input name="dp" type="hidden" value="B07XLQ2FSK">

<button type="submit">Buy Now</button>

</form>

<script>

document.forms[0].submit();

</script>

109 of 149

<form action="https://www.amazon.com/" method="post">

<input name="dp" type="hidden" value="B07XLQ2FSK">

<button type="submit">Buy Now</button>

</form>

<script>

document.forms[0].submit();

</script>

110 of 149

<form action="https://www.amazon.com/" method="post">

<input name="dp" type="hidden" value="B07XLQ2FSK">

<button type="submit">Buy Now</button>

</form>

111 of 149

<form action="https://www.amazon.com/" method="post">

<input name="csrf_token" type="hidden" value="1234abcd">

<input name="dp" type="hidden" value="B07XLQ2FSK">

<button type="submit">Buy Now</button>

</form>

112 of 149

<form action="https://www.amazon.com/" method="post">

<input name="csrf_token" type="hidden" value="1234abcd">

<input name="dp" type="hidden" value="B07XLQ2FSK">

<button type="submit">Buy Now</button>

</form>

113 of 149

POST / HTTP/3

Host: amazon.com

X-CSRFToken: 1234abcd

114 of 149

Open Worldwide Application Security Project (OWASP)

115 of 149

break

116 of 149

Arbitrary Code Execution

(ACE)

117 of 149

Remote Code Execution

(RCE)

118 of 149

Buffer Overflow

119 of 149

machine code

stack

120 of 149

machine code

121 of 149

machine code

return address

122 of 149

machine code

"go to machine code"

123 of 149

machine code

cats

"go to machine code"

124 of 149

machine code

"go to machine code"

125 of 149

machine code

126 of 149

machine code

return address

127 of 149

machine code

"go to machine code"

128 of 149

machine code

attack code

"go to machine code"

129 of 149

machine code

attack code

130 of 149

machine code

attack code

"go to attack code"

131 of 149

Stack Overflow

132 of 149

machine code

stack

133 of 149

Cracking

134 of 149

Reverse Engineering

135 of 149

Malware Analysis

136 of 149

Open-Source Software

137 of 149

Closed-Source Software

138 of 149

App Stores

139 of 149

software → 

→ hash

140 of 149

hash → 

→ signature

private key → 

141 of 149

Package Managers

142 of 149

Operating Systems

143 of 149

Bug Bounty

144 of 149

Common Vulnerabilities �and Exposures (CVE)

145 of 149

National Vulnerability Database (NVD)

146 of 149

Common Vulnerability Scoring System (CVSS)

147 of 149

Exploit Prediction �Scoring System (EPSS)

148 of 149

Known Exploited

Vulnerabilities Catalog (KEV)

149 of 149

Introduction to

Cybersecurity

David J. Malan

malan@harvard.edu