Lecture Schedule

Date	Subject	Resources
Week 1, Jan 14	Hacking Background. Course introduction, Core network and computing concepts (Networking, Command line utlities, File permissions, Programming languages, Web technologies)	PicoCTF OSI networking model Chrome Developer Tools Tutorial UNIX/Linux file permissions Unix/Linux tutorial List of Unix command-line programs BASH Cheatsheet Kali Linux virtual machine images Regular expressions and file searching
Week 2, Jan 21	Cyber Ethics and Vulnerability Scoring.	Lecture 2: The Ethics of Hacking Prenetration testing Pentest cheatsheet The Common Vulnerability Scoring System (CVSS) A CVE example
Week 3, Jan 28	Hacking the Web.	Lecture 3: Cross site scripting (XSS) Collision challenge on pwnable.kr Tutorial notes for the Collision challenge
Week 4, Feb 5	Hacking Networks.	Lecture 4: Scanning and remote exploitation with Metasploit Link to the metasploitable virtual machine Tutorial notes for the Bof buffer overflow challenge
Week 5, Feb 11	Hacking Systems.	File and OS permissions. Identity, access and privilege Lecture 5: Phishing and Password hashing Tutorial notes for the Passcode challenge
Week 6, Feb 18	Reading week. No class.
Week 7, Feb 25	Presentations. M.Eng (9069) Tool/Method case study. Research (9609) paper seminar (Day 1).	Yuyao Z., Ying Z. - Sn1per Jingyao Q., Zehao L., Xihao H. - SSH Tunnelling and Pivoting Ziqi L., Ivy L. - Wireshark Paper seminar - James - Dead Mans' Switch - Forensic Autopsy of the Nintendo Switch Paper seminar - Kelsey - Asleep at the Keyboard? Assessing the Security of GitHub Copilot’s Code Contributions
Week 8, Mar 4	Hacking Software. NO LECTURE (prof away at conference). See video lecture in OWL.	Program flow, stacks, buffer overflows, return-oriented programming, shellcode Lecture 6: Buffer overflows
Week 9, Mar 11	Presentations. M.Eng (9069) Tool/Method case study. Research (9609) paper seminar (Day 2).	Jinlei C., Oboghene A. - Cowrie Haibo W., Ziquan Z. - The LangGrinch prompt injection attack Mark K., Abdulmuanmen K., Zirui L., Adithya S. - WINDBG Ajmain - LLM jailbreak attacks Qijun Z. - Wifiphisher Paper seminar - Nour - GRID. Protecting Training Graph from Link Stealing Attacks on GNN Models Paper seminar - Vinura - Everything is Good for Something. Counterexample-Guided Directed Fuzzing via Likely Invariant Inference Paper seminar - Dylan - Stuxnet Facts Report. A technical and strategic analysis
Week 10, Mar 18	Presentations. M.Eng (9069) Tool/Method case study. Research (9609) paper seminar (Day 3).	Yuxiang L., Xinyuan C., Yue W., Siyi L. - SQL injection attacks Mingsen H., Beichen J., Yining S., Jiayang S. - Versatile Transferable Generator (VTG) Jiacheng G., Chenhao G., Pengfeng Y., Jingyang W. - Tor/Onion Routing Ashwini D., Gayathri N., Muhammad A. - Deepfakes Jingyao W., Zihao S., Owen Z, Bohua L. - Social Engineering Toolkit Paper seminar - Kareem G. - Volttack. Control IoT Devices by Manipulating Power Supply Voltage Paper seminar - Saeed - Concurrent Structure-Independent Fault Detection Schemes for the Advanced Encryption Standard
Week 11, Mar 25	Presentations. M.Eng (9069) Tool/Method case study. Research (9609) paper seminar (Day 4).	Hongyu S., Jianhao W. - Metasploit Xiuwen Z., Qiongxin Z., Casey G. - DNS tunnelling Linshuo Z - Malicious scripting in Polyglot Andrew P., Victoria - Hydra password cracking Chenghao L., Hussein H. - OWASP ZAP (DAST) + OWASP Juice Shop Paper seminar - Daniel B. - Dropout Attacks Paper seminar - Marcus M. - Eyes on your Typing - Snooping Finger Motions on Virtual Keyboards
Week 12, April 1	Final test
Week 13, April 8	No class. Time made avilable to work on CVE reports.