Ethical Hacking and Penetration Testing
2008-2009 - IMT3491 - 5sp

Anbefalt forkunnskap

IMT2282 Operating systems and IMT3381 Application security

Forventet læringsutbytte

The course will address the vulnerabilities of released software and of network applications. The students should after the end of the course have a good overview of the threats that exists towards released software, networks, and network services. A deeper analysis and a set of practical exercises will be the foundation for a deeper understanding into some specific security vulnerabilities that exists with and without available source code.

Emnets temaer

  • Ethical Hacking and Penetration Testing – definitions
  • Password attacks
  • Privilege escalation
  • DNS vulnerabilities
  • Network mapping
  • Wireless problems
  • Software vulnerabilities
    • Buffer overflow, format strings, integer overflow
  • Web application problems
    • XSS, parameters, persistence
    • SQL-injection
  • Data mining
  • Fuzzing

Pedagogiske metoder



Skriftlig eksamen, 2 timer


Bokstavkarakterer, A (best) - F (ikke bestått)


Evaluation by the lecturer

Utsatt eksamen (tidl. kontinuasjon)

Ordinary re-sit examination

New project(s) at next course dates

Tillatte hjelpemidler (gjelder kun skriftlig eksamen)


Obligatoriske arbeidskrav

1-3 Project(s), must be approved. Specifics to be announced at course start.


Articles and book chapters. Specifics to be announced at course start.