Application and Software Security (module BTI-7262)

Goals of this course

This part of the course aims at providing a good overview of a major software security issues: Web Security.
The students will see the most dangerous web securities issues (for instance XSS, XRSF, SQL injection, ...). They know how such flows can be exploited and know how one can protect a site. They have experienced this attacks on example web sites.


The course is given on Fridays in Biel, 8:30 - 11:55 and 12:45 - 16:10.
Courses are taught by Hansjürg Wenger, Kai Brünnler, Emmanuel Benoist and Gerhard Hassenstein. The following schedule represents the courses of the HS2019/20 Semester.
Day Contents
20.09.2019 (Morning)Hansjürg Wenger
20.09.2019 (Afternoon)Gerhard Hassenstein
27.09.2019 (Morning)Hansjürg Wenger
27.09.2019 (Afternoon)Gerhard Hassenstein
04.10.2019 (Morning)Hansjürg Wenger
04.10.2019 (Afternoon)Gerhard Hassenstein
11.10.2019 (Morning)Hansjürg Wenger
11.10.2019 (Afternoon)Gerhard Hassenstein
18.10.2019 (Morning)Hansjürg Wenger
18.10.2019 (Afternoon)Gerhard Hassenstein
25.10.2019 (Morning)Hansjürg Wenger
25.10.2019 (Afternoon)Gerhard Hassenstein
01.11.2019 (Morning)Hansjürg Wenger
01.11.2019 (Afternoon)Gerhard Hassenstein
08.11.2019 (Morning)Hansjürg Wenger
08.11.2019 (Afternoon)Gerhard Hassenstein
15.11.2019 (Morning)Kai Bünnler
15.11.2019 (Afternoon)Emmanuel Benoist- Injections
22.11.2019 (Morning)Kai Bünnler
22.11.2019 (Afternoon)Emmanuel Benoist - Cross Site Scripting
29.11.2019 (Morning)Kai Bünnler
29.11.2019 (Afternoon)Emmanuel Benoist- Broken Access Control
06.12.2019 (Morning)Kai Bünnler
06.12.2019 (Afternoon)Emmanuel Benoist- Broken authentication
13.12.2019 (Morning)Kai Bünnler
13.12.2019 (Afternoon)Emmanuel Benoist - Sensitive Data Exposure
20.12.2019 (Morning)Kai Bünnler
20.12.2019 (Afternoon)Emmanuel Benoist - Other OWASP Top 10 problems
27.12.2019 (Morning) No course: Weihnachtsferien / Vacances de Noel
27.12.2019 (Afternoon) No course: Weihnachtsferien / Vacances de Noel
05.01.2020 (Morning) No course: Weihnachtsferien / Vacances de Noel
05.01.2020 (Afternoon) No course: Weihnachtsferien / Vacances de Noel
10.01.2020 (Morning)Kai Bünnler
10.01.2020 (Afternoon)Emmanuel Benoist - Audit-Methodology and Risk Analysis
17.01.2020 (Morning) No course: Finaltag
17.01.2020 (Afternoon) No course: Finaltag


This module is part of the module BTI-7262 "Pa" module. Students will be examinated orally (30 minutes for the whole module). This module gives 8 ECTS credits and is part of the Qualification Group C.
This course is also an optional module of the Master of Digital Forensics of the Unil. It counts for 3 ECTS. This module is examinated with an oral exam of 20 minutes.

More information:

Moodle page for this course
Schedule for this course (official BFH-TI schedule)