Web Security (module BTI-4203)

Goals of this course

This part of the course aims at providing a good overview of a major software security issues: Web Security.
The students will see the most dangerous web securities issues (for instance XSS, XRSF, SQL injection, ...). They know how such flows can be exploited and know how one can protect a site. They have experienced this attacks on example web sites.

Moodle page

Moodle page for this course

Schedule

The specialisation courses are given on Fridays in Biel, 8:20 - 11:55.
Course is taught by Kai Brünnler, Emmanuel Benoist. The following schedule represents the courses of the Fall Term 2024-2025.
Day Contents
20.09.2024 K. Bünnler
27.09.2024 K. Bünnler
04.10.2024 K. Bünnler
11.10.2024 K. Bünnler
18.10.2024 K. Bünnler
25.10.2024 K. Bünnler
01.11.2024 K. Bünnler
08.11.2024 Injections
15.11.2024 No course: Bloc week
22.11.2024 Broken Access Control
29.11.2024 Identification or Authentication Failures
06.12.2024 Cryptographic failures
13.12.2024 Cross Site Scripting
20.12.2024 Emmanuel Benoist - Other OWASP Top 10 problems
27.12.2024 No course: Weihnachtsferien / Vacances de Noel
03.01.2025 No course: Weihnachtsferien / Vacances de Noel
10.01.2025 Audit-Methodology and Risk Analysis
17.01.2025 No course: Finaltag

Evaluation

This course is part of the module BTI-4203 "Pa" module. Students will pass a written exam (120 minutes for only XML-security and Web-Security (parts taught by E. Benoist and K. Brünler)). This module gives 4 ECTS credits and is part of the Qualification Group C.
This course is also an optional module of the Master of Digital Forensics of the Unil. It counts for 3 ECTS. This module is examinated with an oral exam of 20 minutes.