What do I learn?

Cyberattacks are one of the greatest digital dangers of the 21st century. They influence individual decisions, harm economies and societies, and threaten the stability of democracy. Cyberattacks appear in various forms, ranging from the compromise of webcams to the sabotage of nuclear centrifuges. Understanding the art of hacking is a necessity for designing security solutions. In fact, the need for protection against contemporary hacks paves the way for research into innovative security concepts and the development of advanced protection mechanisms. Ethical hacking deals with the principles of hacking for the sake of good, namely finding a vulnerability before damage occurs.

In this course you turn into an ethical hacker. You get to learn the attack techniques used to compromise a computer system and gain control over it. However, ethical hacking is not a pen-and-paper science. Rather, you have to put your hands on a system and attack it. To this end, we spend (at least) half of the time in the lab and try to compromise the environment. This way, we practice the fundamental principles of ethical hacking along the lines of

  • Information Gathering
  • Threat Modelling
  • Vulnerability Analysis
  • Exploitation
  • Reporting

If students are interested, we will also deal with advanced techniques including fuzzing, binary reverse-engineering, white-box code analysis, and (de-)obfuscation.

What can I do with this knowledge?

Industry is actively looking for talent, so-called professional security pentesters, who identify weaknesses in enterprise networks before hackers compromise them. In a nutshell, a pentester's job is to follow in the footsteps of an attacker, hack a system and report the findings. The course readily qualifies you for a job as a professional security penetration tester. Moreover, you gain all the knowledge needed to apply for the prestigious and sophisticated Offensive Security Certified Pentester Certificate (OSCP). With the OSCP and a bachelor's degree in your pocket, you have all the qualifications to launch your career in industry as a professional security pentester.

Rules of the Game

To pass the course, you will need to prove your hacking skills in the final exam. You will be given a network environment. Your mission is to hack the system and report your major findings. 

Incentive #1: For those students who aim at a professional career, support for the OSCP will be given. Top students (with the best grade in the final exam) obtain a scholarship for the OSCP exam sponsored by industrial partners.

Incentive #2: It's always fun to compare your hacking skills with others. Students are encouraged to team up and compete with other students in the German Cyber Security Challenge.

Prerequisites and Application

This is an advanced course. It requires students to have certain knowledge prior to attending. A solid understanding of networking, the programming language C, some Web languages (e.g. HTML, JavaScript) and reasonable Linux skills are required. Familiarity with Bash scripting along with basic Perl or Python is considered a plus.

Note that the course is strictly limited to 20 students. You need to apply for admission. Please write a motivation letter describing your interests, background, and, if applicable, grades in relevant courses (e.g., programming, networking, security).

Recommended Books

       
  • David Kennedy, Jim O'Gorman, Devon Kearns, and Mati Aharoni: Metasploit: A Penetration Tester's Guide
  • Ben Clark: RTFM: Red Team Field Manual, 2014
  • Justin Seitz: Black Hat Python, 1st Edition

Online Courses

Hacking is its own science with a large community. For students who wish to get a glimpse of the community, the Black Hat and Defcon talks are recommended. (Videos are available online.)

Research Papers

  • Aleph One: Smashing The Stack For Fun And Profit
  • Ryan Roemer, Erik Buchanan, Hovav Shacham, Stefan Savage: Return-Oriented Programming: Systems, Languages, and Applications. ACM Transactions on Information and System Security (TISSEC) - Special Issue on Computer and Communications Security, Volume 15 Issue 1, 2012.
  • Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham and Marcel Winandy: Return-oriented programming without returns. ACM CCS '10.
  • Stephen W. Boyd, Angelos D. Keromytis: SQLrand: Preventing SQL Injection Attacks. ACNS'04
  • Martin Johns, Björn Engelmann, and Joachim Posegga: XSSDS: Server-Side Detection of Cross-Site Scripting Attacks. ACSAC'08
  • Adam Barth, Collin Jackson, John C. Mitchell: Robust defenses for cross-site request forgery. ACM CCS '08.
  • Tongbo Luo, Hao Hao, Wenliang Du, Yifei Wang, and Heng Yin: Attacks on WebView in the Android system. ACSAC'11.
  • Daniel Gruss, Clémentine Maurice, and Stefan Mangard: Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript. DIMVA'16.
  • Victor van der Veen, Yanick Fratantonio, Martina Lindorfer, Daniel Gruss, Clémentine Maurice, Giovanni Vigna, Herbert Bos, Kaveh Razavi, and Cristiano Giuffrida: Drammer: Deterministic Rowhammer Attacks on Mobile Platforms. ACM CCS'16.