192.082 Introduction to Security
This course is in all assigned curricula part of the STEOP.
This course is in at least 1 assigned curriculum part of the STEOP.

2022S, UE, 2.0h, 3.0EC
TUWELLectureTubeQuinn ECTS survey


  • Semester hours: 2.0
  • Credits: 3.0
  • Type: UE Exercise
  • LectureTube course
  • Format: Presence

Learning outcomes

After successful completion of the course, students are able to identify common software security vulnerabilities and avoid typical pitfalls in the development phase. The aim is to provide hands-on experience in the sort of attacks and protections found in the real world. More specifically, students will access a safe environment to interact with realistic applications containing ad-hoc vulnerabilities. The LVA offers practical exercises and follow-up materials to complement the topics presented during the Introduction to Security (VU) course.

Subject of course


  • Python and bash scripting
  • Tools for binary and web exploit development

System Security

  • Buffer/stack overflow
  • Circumventing overflow mitigation techniques
  • Return-oriented programming (ROP)

Web Security

  • Server-side vulnerabilities
  • Client-side vulnerabilities
  • Client-side mitigations and bypasses
  • Browser side-channels


  • Modelling and verifying real-world web protocols

Teaching methods

In this semester the course is held predominantly on-site. Students are required to complete practical assignments through which they can assimilate the concepts learned during the course. The release schedule of the assignments can be found on TUWEL.

Mode of examination


Additional information

ECTS Breakdown

3 ECTS = 75h

  • 8h   lectures
  • 67h self-study and projects development



Course dates

Thu13:00 - 14:0017.03.2022 Zoom (Link in TUWEL) (LIVE)Presentation of the virtual lab
Thu13:00 - 15:0024.03.2022 Zoom (Link in TUWEL) (LIVE)Lecture Binary Exploitation
Thu13:00 - 15:0028.04.2022GM 1 Audi. Max.- ARCH-INF Lecture Web Security
Thu13:00 - 15:0002.06.2022GM 1 Audi. Max.- ARCH-INF Lecture Verification

Examination modalities

Students are required to solve practical assignments, which are mostly focused on the implementation of the attacks presented during the course. The final grade of the course is based on reports in which students explain how they solved the proposed problems and what are the possible security countermeasures.

Course registration

Begin End Deregistration end
14.02.2022 00:01 20.03.2022 23:59 20.03.2022 23:59


Study CodeSemesterPrecon.Info
033 526 Business Informatics STEOP
Course requires the completion of the introductory and orientation phase
033 532 Media Informatics and Visual Computing
033 533 Medical Informatics
033 534 Software & Information Engineering
880 FW Elective Courses - Computer Science


No lecture notes are available.

Accompanying courses

Continuative courses


  • Attendance Required!