Course Information

    The key to register is "ethical hacking"
    The course and the exam will be in English.
    6 CFU.
  Lectures mode:
  • Before the lecture, the teacher publishes a recorded video illustrating the topics of the upcoming lecture. Students have to watch the video before attending the lecture.
  • At the start of the lecture, the teacher releases a brief questionnaire to check whether the students have understood the main concepts described in the recorded lecture. The questionnaire is administered through the Moodle platform. The teacher then answers any doubts or questions.
  • The teacher identifies the working groups by choosing the members of each group (the groups will be different for every new assignment) and releases the new assignment. Even though all the groups are encouraged to solve the assignment, the teacher selects the group that is supposed to solve it and to illustrate the solution to the other groups by giving a presentation.
  • During the next lecture, the selected group presents its solution and answers questions from the teacher or from the other students. If the teacher is satisfied with the performance of the group, each member of the group receives a bonus which will be added to the grade obtained in the final exam.
    The course is very practical and requires a high level of participation from the students. Thus, even if not mandatory, participation in class is strongly recommended to benefit from the interaction with other students and the teachers.
    In any case, the lectures will be delivered in "dual mode" for students who are able to join only on Zoom.
    Given the large number of exercises, only the initial questionnaire, with answers to questions, and the presentation about the solutions will be recorded and shared after the lecture.
    I semester (course schedule is published HERE).
  Discord server:
    Students enrolled for this course are invited to join THIS Discord server.

Course Content

"Ethical hacking" is a hands-on course, where each theoretical topic is followed by a lab. The course has five different modules:
  • Network security - network analysis and monitoring; securing internet communications; packet sniffing and spoofing; TCP attacks; firewalls.
  • Hardware security - Meltdown attack; Spectre attack.
  • Web security - cross-site scripting attack; HTTP request smuggling.
  • Pwn - shellcode; buffer overflow; return-to-libc; format string attack; heap overflow.
  • Reverse-engineering - static analysis; reversing in x86; reversing; patching; gdb; debuggers; symbolic execution; fuzzing.

Grading Criteria

The final exam will be a set of multiple choice questions covering all the topics of the course. The exam is worth 33 points, of which:
  • 18 points achievable through theoretical questions (very likely 18 questions, each one worth a single point)
  • 15 points achievable through practical questions (5 questions, each one worth 3 points)
The bonus accumulated through participation during the semester will be added to the grade obtained at the exam. Since participation is not mandatory, a student can get the maximum grade (i.e., 30L) even without attending the course.