Lecture Schedule

Date Subject Resources
Jan 13 Course introduction, Javascript hacking demo, Linux hacking demo
Jan 20 Hacker motivations, methods, ethics, responsible disclosure, the Common Vulnerabilities and Exposures (CVE) reporting system
Jan 27 Cross Site Scripting (XSS), SQL injection, Web Anonymity (Tor, Tails, Hidden services, Darknet)
Feb 3 Network Mapping/Recon/Scanning, System Exploitation with Metasploit
Feb 10 Hacking Wifi, Man-in-the-middle attacks, TLS stripping
Feb 17 Phishing, Passwords, password cracking, digital forensics
Feb 24 Reading Week - No class
Mar 3 Command-line injection, buffer overflows, shellcode, fuzzing
Mar 10 Topic Presentations
  • Distributed Denial of Service Attacks
    Fadi A.
  • Whatsapp Instant Messager Security
    Huiying L., Darshit P., Julian F.
  • Coding Bugs: Exploiting Video Games as an Example
    Riley B., Conrad B.
  • Heartbleed
    Omar M., Elana U.
Mar 17 Topic Presentations
  • E-commerce Security Issues
    Yuning C., Cheng Q., Dazhou Zhang., Xiaowei H. 
  • Side-channel Attacks
    Sara S., Jianhua G., Changbin G., Fangfei Z.,
  • SQL Injection Attacks
    Gobinath L., Nadun R., Supriyo A., Roberto B.
  • Dirty Cow Privilege Escalation Exploit
    Krishan S., Tarandeep S., Tanveen K., Anjana P.
  • Hacking Email
    Seongyong You., Yunpeng L., Yuying L., Dongrong L.
  • Mousejacking: Hijacking Wireless Mouse Devices
    Stephen S., Alexis P.
Mar 24 Topic Presentations
  • Camfecting: Hacking Webcams
    Apoorva C., Tabish S., Yash K.
  • Encryption Algorithms
    Ruipeng L., Xiaodong H.
  • Dissassembly and Reverse Engineering Code
    Cheng G., Wei Z., Fei Ya M.
  • WiFi Phishing
    Jieqiong S., Kaihua L., Monica Z., Xiyang S.
  • Tor and the Darknet
    Fantuo M., Zhenwen X., Tunan J., Daoxi S.
Mar 31 Project Presentations
  • Hacking IntelliJ IDEA
  • Mirai BotnetCode: Analysis & Removal Tools
  • Privilege Escalation on UNIX Systems Through Return-To-Libc Vulnerability
  • Panda Joss-Stick Virus
  • Camfecting: WebCam Hacking
  • Forensic Analysis of the AVS WinVote
  • Exploitation of Cache Using Side Channel Attack in JavaScript
  • Web Vulnerability Testing using Burp Suite
  • Practical Attacks on Low-Rate Low-Power Wireless Sensor Networks
  • Fuzzing
  • Obfuscation of Executable Code to Improve Resistance to Disassembly
Apr 7 Final exam (M.Eng only)