Safe Penetration Testing Labs · intermediate · ~10 min

Spotting unsafe strcpy in code

Code review for the canonical C memory-safety smell.

Lesson

Most legacy buffer-overflow CVEs share a shape: strcpy(dst, src) where src is attacker-controlled and dst is a fixed-size array. Grep a code base for strcpy, strcat, sprintf, and gets; each occurrence is a candidate for the safe-replacement pass.

For your own code, treat these as compile errors via a wrapper macro or a linter.
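
One way to apply both ideas, as an added example rather than code from this lesson: a bounded copy that rejects over-long input, plus the GCC/Clang poison pragma so the four functions named above no longer compile. The names copy_bounded, COPY_TO_ARRAY, struct account and set_name are hypothetical, and the input string is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: copy src into dst, which holds dst_size bytes.
 * Returns 0 on success; returns -1 and leaves dst empty if src is NULL or
 * does not fit, so over-long input is rejected, not silently truncated. */
static int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t i;
    if (dst == NULL || dst_size == 0)
        return -1;
    for (i = 0; src != NULL && i < dst_size; i++) {
        dst[i] = src[i];
        if (src[i] == '\0')
            return 0;            /* terminator copied: everything fit */
    }
    dst[0] = '\0';               /* fail closed */
    return -1;
}

/* Wrapper macro for true arrays only: sizeof on a pointer would be wrong. */
#define COPY_TO_ARRAY(dst, src) copy_bounded((dst), sizeof(dst), (src))

/* Placed after the system headers: any later use of these names is an error. */
#if defined(__GNUC__)
#pragma GCC poison strcpy strcat sprintf gets
#endif

struct account {                 /* constructed sample type */
    char name[16];
    int  is_admin;               /* sits right next to the fixed-size buffer */
};

/* The review finding here was: strcpy(a->name, input); with caller input. */
static int set_name(struct account *a, const char *input)
{
    return COPY_TO_ARRAY(a->name, input);
}

int main(void)
{
    struct account a = { "", 0 };
    int rc = set_name(&a, "a-name-longer-than-sixteen-bytes"); /* constructed */
    printf("rc=%d name=\"%s\" is_admin=%d\n", rc, a.name, a.is_admin);
    return 0;
}
```

Keep the pragma in a project header that is included after the system headers, so the standard declarations themselves are not affected.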