Launching attack to exploit the buffer-overflow vulnerability using shellcode. Conducting experiments with several countermeasures.
Using the return-to-libc technique to defeat the "non-executable stack" countermeasure of the buffer-overflow attack.
Launching attacks on privileged Set-UID root program. Risks of environment variables. Side effects of system().
Exploiting the race condition vulnerability in privileged program. Conducting experiments with various countermeasures.
Exploiting the Dirty COW race condition vulnerability in Linux kernel to gain the root privilege.
Exploiting the format string vulnerability to crash a program, steal sensitive information, or modify critical data.
Launch attack to exploit the Shellshock vulnerability that is discovered in late 2014.