CYBERSECURITY LAB
2nd year of the degree programme - First semester
Attendance: not mandatory
- 6 CFU
- 48 hours
- English
- Trieste
- Mandatory
- Standard teaching
- Oral Exam
- SSD ING-INF/05
- Advanced concepts and skills
D1. KNOWLEDGE AND UNDERSTANDING: knowledge and understanding of common vulnerabilities and security issues affecting web applications, networks and software systems, with a focus on practical attack techniques and defensive mechanisms.
D2. APPLYING KNOWLEDGE AND UNDERSTANDING: ability to configure, execute and analyze demonstrations of attack and defense scenarios in hands-on activities, using appropriate tools and methodologies.
D3. MAKING JUDGEMENTS: ability to assess the presence and impact of security issues across different domains (web applications, networks, code, systems), to evaluate the effectiveness of mitigation techniques, and to reason about the causes and implications of security flaws in real-world scenarios, taking into account both the functional and the non-functional requirements relevant to IT systems.
D4. COMMUNICATION SKILLS: ability to document and present technical findings from lab activities clearly and accurately, using correct terminology and structured reasoning, and to relate practical outcomes to the relevant theoretical background.
D5. LEARNING SKILLS: ability to reproduce security issues during hands-on lab activities and to generalize from specific exercises to broader security principles.
Basic knowledge of computer networks, operating systems, programming, and the fundamentals of cybersecurity.
- Vulnerability management: EPSS
- Web security: IDOR, SQL injection, XSS
- Network security: adversary-in-the-middle attacks
- Log analysis at network and host level
- Software security: introductory elements of static code analysis
None. Slides and examples are provided by the instructor.
- Vulnerability management: predicting exploited vulnerabilities; patching effort and evaluation metrics (efficiency and coverage); the Exploit Prediction Scoring System (EPSS): purpose, methodology, data sources.
- Web security testing tools: Burp Suite features and usage; OWASP Juice Shop.
- Web security: attacking access control; insecure direct object references (IDOR) and examples; IDOR prevention.
- Web security: SQL injection: types of SQL injection; exploitation techniques and examples; defensive mechanisms.
- Web security: cross-site scripting (XSS): types of XSS vulnerabilities; exploitation techniques and examples; defensive mechanisms.
- Network security: HTTP/S and adversary-in-the-middle (AITM) attacks; attacker positioning and threat model; SSLStrip, domain spoofing, rogue certificates; defensive mechanisms: HTTP Strict Transport Security (HSTS), Certificate Transparency and certificate pinning.
- Log analysis at network and host level: log types, formats and standards; log management; log analysis techniques; elements of manual and automated analysis.
- Software security: introductory elements of static code analysis; the role of functional and security testing, its limitations, an overview of tools, and practical insights and examples on real-world codebases.
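The vulnerability-management topic above names the three quantities used to judge a remediation strategy: effort (how many vulnerabilities you patch), efficiency (what fraction of those were actually exploited) and coverage (what fraction of the exploited ones you patched). The Python below is an added example written for this page, not course material: it scores a CVSS-threshold strategy against an EPSS-threshold strategy on a constructed inventory (ids V1..V8, CVSS/EPSS values and the "exploited" ground truth are all made up for illustration) using those definitions, and sweeps the EPSS threshold to show the effort/coverage trade-off.

```python
"""Patch-prioritisation metrics: effort, efficiency and coverage.

Added example for this page; not course material. Definitions used
(the standard ones from the EPSS literature):
  effort     = number of vulnerabilities selected for remediation
  efficiency = (selected AND exploited) / selected     (precision)
  coverage   = (selected AND exploited) / exploited    (recall)
The inventory below is constructed: identifiers, CVSS/EPSS values and
the "exploited" ground truth are made up for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Vuln:
    vid: str          # hypothetical identifier, not a real CVE
    cvss: float       # CVSS base score, 0-10 (constructed)
    epss: float       # EPSS probability of exploitation (constructed)
    exploited: bool   # constructed ground truth for the evaluation window


INVENTORY = [
    Vuln("V1", 9.8, 0.92, True),
    Vuln("V2", 9.1, 0.03, False),
    Vuln("V3", 7.5, 0.71, True),
    Vuln("V4", 8.8, 0.01, False),
    Vuln("V5", 5.3, 0.45, True),
    Vuln("V6", 9.0, 0.02, False),
    Vuln("V7", 6.1, 0.05, False),
    Vuln("V8", 4.3, 0.30, False),
]


def select(vulns, score, threshold):
    """Remediation strategy: patch every vulnerability whose score >= threshold."""
    return [v for v in vulns if score(v) >= threshold]


def evaluate(vulns, selected):
    """Return (effort, efficiency, coverage) for one strategy's selection."""
    chosen = {v.vid for v in selected}
    exploited = [v for v in vulns if v.exploited]
    hits = sum(1 for v in exploited if v.vid in chosen)   # patched AND exploited
    effort = len(selected)
    efficiency = hits / effort if effort else 0.0
    coverage = hits / len(exploited) if exploited else 0.0
    return effort, efficiency, coverage


def compare_strategies(vulns=INVENTORY):
    """Severity-based triage (CVSS >= 7.0) versus EPSS-based triage (EPSS >= 0.10)."""
    return {
        "cvss>=7.0": evaluate(vulns, select(vulns, lambda v: v.cvss, 7.0)),
        "epss>=0.10": evaluate(vulns, select(vulns, lambda v: v.epss, 0.10)),
    }


def epss_sweep(vulns=INVENTORY, thresholds=(0.01, 0.10, 0.50, 0.90)):
    """Effort/coverage curve: a lower EPSS threshold buys coverage with more effort."""
    return {t: evaluate(vulns, select(vulns, lambda v: v.epss, t)) for t in thresholds}


if __name__ == "__main__":
    for name, (effort, eff, cov) in compare_strategies().items():
        print(f"{name:11s} effort={effort} efficiency={eff:.2f} coverage={cov:.2f}")
    for t, (effort, eff, cov) in epss_sweep().items():
        print(f"epss>={t:<5} effort={effort} efficiency={eff:.2f} coverage={cov:.2f}")
```

On this constructed inventory the CVSS rule patches five items to catch two of the three exploited ones (efficiency 0.40, coverage 0.67), while the EPSS rule patches four and catches all three (efficiency 0.75, coverage 1.0); the sweep shows that raising the threshold to 0.90 keeps efficiency at 1.0 but drops coverage to one third. Real evaluations use the same arithmetic over published exploitation data rather than a hand-made table.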
Lectures with slides introduce core concepts, theoretical background, and tools. Each topic is followed by hands-on sessions for practical demonstration of attacks and mitigation strategies. Lectures will be recorded and made available to students, along with lab materials and resources.
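As an illustration of the attack-plus-mitigation pairing the hands-on sessions are built around, here is an added Python example for the SQL injection topic (written for this page, not the course's own lab material). It runs against an in-memory SQLite database with two constructed accounts: the login built by string formatting falls to an authentication-bypass payload and to a UNION payload that reads another column, while the same query with bound parameters treats both payloads as plain data. Passwords are kept in clear only to keep the demo short; a real application stores a salted hash.

```python
"""SQL injection against a login query, and its parameterised fix.

Added example for this page; not course material. The schema, the two
accounts and the payloads are constructed for illustration. Passwords
are stored in clear only to keep the demo short; a real application
stores a salted hash (e.g. hashlib.scrypt) and compares that instead.
"""
import sqlite3


def make_db():
    """In-memory SQLite database with two constructed accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "correct horse"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Builds the query by string formatting: user input becomes SQL syntax."""
    query = (
        "SELECT username FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """Same query with bound parameters: input stays data, never SQL."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# Constructed payloads, both delivered through the username field.
AUTH_BYPASS = "alice' --"                              # '--' comments out the password check
UNION_LEAK = "x' UNION SELECT password FROM users --"  # appends rows from another column


def demo():
    """Run both logins against both payloads; returns what each call yields."""
    conn = make_db()
    return {
        "honest_login": login_safe(conn, "alice", "correct horse"),
        "bypass_vulnerable": login_vulnerable(conn, AUTH_BYPASS, "wrong"),
        "bypass_safe": login_safe(conn, AUTH_BYPASS, "wrong"),
        "leak_vulnerable": login_vulnerable(conn, UNION_LEAK, "wrong"),
        "leak_safe": login_safe(conn, UNION_LEAK, "wrong"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:18s} -> {result!r}")
```

The vulnerable function logs the attacker in as alice with a wrong password and, with the UNION payload, hands back a stored password; the parameterised function returns None for both because the quote and the comment marker never reach the SQL parser. Bound parameters are the fix the course's "defensive mechanisms" item refers to; input filtering alone is not.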
Students will submit summary reports on completed lab activities. Reports may be submitted at any time during the course as lab activities are completed. However, all reports must be submitted at least two weeks before the exam date. The final assessment includes an oral exam with critical discussion of one or more reports of lab activities and their theoretical background.