Cyber Offense and Defense

CYBER OFFENSE AND DEFENSE

ACADEMIC YEAR 2023/2024

Course Information

Lecturer: Mario Alviano

Office hours: consult my homepage

Microsoft Teams: for code and link search on this page

Notice Board

25/08/2023 10:30: New site!

09/10/2023 08:45: No lecture on Tuesday 21 November.

16/10/2023 14:25: No lecture on Thursday 2 November.

05/12/2023 09:45: No lecture on Tuesday 19 December.

Promo Videos (most recent up)

Pills (most recent up)

Dates and Deadlines

Lectures

Thursday and Friday in room MT10

Introduction ⌛⌛⌛
SQL injection (SQLi) - part 1 ⌛⌛
SQL injection (SQLi) - part 2 ⌛⌛⌛
Authentication ⌛⌛
Business logic vulnerabilities ⌛⌛⌛
Information disclosure + Directory traversal ⌛⌛
Python requests + lxml + rich + typer ⌛⌛⌛
Command injection ⌛⌛
File upload vulnerabilities + Exercises ⌛⌛⌛
Access control ⌛⌛
Server-side request forgery (SSRF) + XXE injection ⌛⌛⌛
Cross-site scripting (XSS) - part 1 ⌛⌛⌛
Cross-site scripting (XSS) - part 2 ⌛⌛
Seminaries ⌛⌛⌛
Cross-site request forgery (CSRF) ⌛⌛⌛
Cross-origin resource sharing (CORS) ⌛⌛
Clickjacking ⌛⌛
Insecure deserialization + Server-side template injection ⌛⌛⌛
OAuth authentication ⌛⌛
JWT attacks + Student Project ⌛⌛⌛
Student Project ⌛⌛
Student Project ⌛⌛⌛
Exam Simulation + Student Project ⌛⌛
Student Project Showcase ⌛⌛

Teaching Material

Books

Computer Security: Principles and Practice, Global Edition - Stallings William and Brown Lawrie - Pearson
- Sicurezza dei computer e delle reti - Stallings William – Pearson
- Crittografia - Stallings William – Pearson
Kali Linux Penetration Testing Bible - Gus Khawaja – Wiley
Bug Bounty Bootcamp – Vickie Li – No Starch Press

Links

Exams

Dates will be added to the calendar when available

Page updated

Report abuse