Module Number

INFO-4352
Module Title

Pentesting
Lecture Type(s)

Lecture
ECTS 3
Work load
- Contact time
- Self study
Workload:
90 h
Class time:
30 h / 2 SWS
Self study:
60 h
Duration 1 Semester
Frequency In the winter semester
Language of instruction German
Type of Exam

Written exam (in case of a small number of participants: oral tests)

Content

To secure networks or applications, an administrator or developer needs knowledge about existing vulnerabilities. These can be efficiently uncovered through simulated hacker attacks, so-called penetration tests. In addition to theoretical basics about the planning and execution of penetration tests, this lecture provides in-depth practical knowledge of modern attack tools, current vulnerabilities and the methodology to exploit them. The spectrum ranges from footprinting to the actual attack to the placement of backdoors in a compromised system. Lecture and exercises will take place as a closely interlinked block course. Topics are: Penetration testing design options, testing modules, estimating testing effort, assessing results and documentation, tracking vulnerabilities, ethical and legal issues, penetration testing standards, footprinting, portscanning, enumeration, sniffing, attacks against encryption, common configurational vulnerabilities, methodical security analysis of web applications and typical web application vulnerabilities, dealing with metasploit, attacks against Windows networks, privilege escalation, backdoors, online and offline attacks against passwords, vulnerability analysis, exploitation of buffer overflow vulnerabilities.

Objectives

Students significantly deepen their understanding of IT systems and are enabled to recognise and remedy security vulnerabilities. They have the ability to apply the knowledge in new, unfamiliar contexts and to acquire new knowledge independently. In addition, they learn to adequately include ethical aspects.

Allocation of credits / grading
Type of Class
Status
SWS
Credits
Type of Exam
Exam duration
Evaluation
Calculation
of Module (%)
Prerequisite for participation There are no specific prerequisites.
Lecturer / Other Menth
Literature

-

Last offered unknown
Planned for Wintersemester 2024
Assigned Study Areas INFO-INFO, MEDI-APPL, MEDI-INFO, ML-CS