Schedule

The following course schedule is non-binding and may change at any time and without prior announcement.

| Date | Lecture Topic | VOTD | Lecturer | BiBiFi Contest |
|---|---|---|---|---|
| 16.07.20 | Usability, Recap | TBA | Bodden? | Explanations of vulnerabilities from Fix-It |
| 23.04.20 | Intro | CSRF | Bodden | Introduction to Contest & Build It |
| 30.04.20 | Requirements, Misuse & Abuse Cases | SQL Injection | Bodden | |
| 07.05.20 | System Design / Threat Modeling | XSS | Bodden | |
| 14.05.20 | Risk Management & Test Planning | Log overflow, Path traversal | Bodden | |
| 21.05.20 | Defensive Coding / Pitfalls | Confused deputy | Bodden | |
| 28.05.20 | Correct usage of security mechanisms / Applied Crypto | Hardcoded credentials, Hashing without salt | Bodden | Introduction to Break-It |
| 04.06.20 | Applied Crypto (continued) | Embedded DTDs, Poor PRNGs | Bodden | |
| 11.06.20 | Guest lecture on SAP (in)security | Integer overflow, Buffer overflow | Bodden/Harmes | |
| 18.06.20 | Code Inspection | OS command injection, Uncontrolled format string | TBD | Introduction to Fix-It |
| ----- | End of 4CP-Course | ----- | ----- | ----- |
| 25.06.20 | Vulnerability Assessment | Cache poisoning | Bodden | |
| 02.07.20 | Deployment | Race condition / time of check, time of use | Bodden | |
| 09.07.20 | Insider Threats | TBA | Bodden | |