Schedule

The following course schedule is non-binding and may change at any time and without prior announcement.

| No. | Date | Lecture Topic | VOTD | Lecturer | BiBiFi Contest |
|---|---|---|---|---|---|
| 15 | 21.07.21 | Recap | | Bodden | |
| 1 | 14.04.21 | Intro | CSRF | Bodden | Introduction to Contest & Build It |
| 2 | 21.04.21 | Requirements, Misuse & Abuse Cases | SQL Injection | Bodden | |
| 3 | 28.04.21 | System Design / Threat Modeling | XSS | Bodden | |
| 4 | 05.05.21 | Risk Management & Test Planning | Log overflow, Path traversal | Bodden | |
| 5 | 12.05.21 | Defensive Coding / Pitfalls | Confused deputy | Bodden | |
| 6 | 19.05.21 | Correct usage of security mechanisms / Applied Crypto | Hardcoded credentials, Hashing without salt | Bodden | |
| 7 | 26.05.21 | Applied Crypto (continued) | Embedded DTDs, Poor PRNGs | Bodden | Introduction to Break-It |
| 8 | 02.06.21 | Guest lecture on SAP (in)security | Integer overflow, Buffer overflow | Bodden/Harmes | |
| 9 | 09.06.21 | Code Inspection | OS command injection, Uncontrolled format string | Bodden | |
| ---- | ----- | End of 4CP-Course | ----- | ----- | ----- |
| 10 | 16.06.21 | Vulnerability Assessment | Cache poisoning | Bodden | Introduction to Fix-It |
| 11 | 23.06.21 | Guest lecture on PSIRT | TBA | Timmer/Bodden | |
| 12 | 30.06.21 | Deployment | Race condition / time of check, time of use | Bodden | |
| 13 | 07.07.21 | Insider Threats | TBA | Bodden | |
| 14 | 14.07.21 | Usability | TBA | Bodden | Explanations of vulnerabilities from Fix-It |