Ken Friis Larsen (8-736e74697a7b6d76486c7136737d366c73)
External lectures from
Saved on the
The goal of this course is to familiarize the student with
aspects of it-security. This course will be based on the offensive
part of it-security and present the student with selected topics,
whereby the student will acquire a basic knowledge of penetration
At course completion, the successful student will have:
The foundation of the internet including firewall
What is: portscanning, fuzzing, stack and heap overflow,
Tools used for it-security and their limitations
Do reconnaissance of a given target
Analysing simple web-services for security problems, especially
injection attacks, and demonstrate how to fix them
Do basic binary reverse engineering
Describe and apply stack overflows and heap overflows, as well
as counter mechanisms.
Use and develop shellcode
Find and evaluate security issues using fuzzing, static analysis,
reverse engineering, and auditing of the source code.
See Absalon when the course is set up.
Teaching and learning methods
Lectures, exercise labs, and mainly work on the
practical individual mandatory given assignments.
You need to be proficient in both high-level and
low-level programming, and will be expected to hand-in solutions
written in C, assembler, and perhaps PHP or Python. You are
expected to have an understanding of the low-level architecture of
The practical work in the course is based on command-line UNIX
tools, thus you are expected to have access to a Linux box and have
a working knowledge of how to use Linux via a command
Continuous assessment with six to eight written assignments.
Each assignment will have equal weight towards to final grade, with
the exception of the final assignment which will count as double.
Submission in Absalon.
7-point grading scale
No external censorship
Several internal examiners.
Re/-submission of slightly modified mandatory