For the exercises, students will be tasked with answering theoretical questions as well as attack vulnerable applications. Moreover, they will develop their own applications (prone to different attacks) and develop fixes for these flaws.
The exact schedule for the exercises will be announced at the end of March/beginning of April.
While the results will not be graded, participation is mandatory and students may only take part in the written exam if
- at least 50% of the exercise tasks were successfully finished
- and one each exercise sheet the students reach 25% of the available points.
Naturally, students on sick leave do not have to turn in their exercises. Moreover, students are allowed to not submit up to two sheets.
Since this lecture is a specialized lecture on Web security, prior knowledge in this area is required to participate in the course. Specifically, it is beneficial if you took part in the Hacking proseminar, but more importantly in the Introduction to Cybersecurity as well and/or Security lectures.
Number of Participants / Signing up
There currently is no enforced hard limit on the course. Students have to sign up via the CMS before or on April 11th to participate.
Passing the course/Grading
For admission to the exam, check above. Passing the exam requires at least 50% of the points. Students may take the backup exam to improve their grade. The final grade is only determined by the outcome of the exam(s).