Subject lectured to the 1st year of the Masters in Cybersecurity, providing a view over the issue of vulnerability management, its assessment, impact, and then exploration.
This edition will be lectured by professor João Paulo Barraca (email: jpbarraca@ua.pt). Teaching staff will be available by email and Discord. The use of the Discord platform for direct communication is highly recommended. Official course information will be available on this page, while grades will be available through E-learning.
Classes will be lectured in the Portuguese language, unless there is a foreign student attending. In this case English will be used. All lecture notes and laboratory guides will be made available in English. Examinations will be made available in Portuguese, and in English if required for foreign students.
Prospective students should be aware that this subject requires some knowledge and comprehension of several topics in the areas of networking, software and operating systems, such as: Python/C/PHP, Linux console usage (mostly Debian), virtual machines, sockets, HTTP and HTML technologies, and AMD64 assembly. Although lacking specific knowledge is not critical, the contents will expect you to have some base knowledge on those topics.
Important Dates
- T1: November TBD
- T1+T2: January 15th 2026
- ES and PS: February 2nd 2026
- EE and PE: TBD
- Assignment 1 - October 3rd
- Assignment 2 - December 19th
- Assignment 3 - December 05th
- Assignment 4 - December 19th
Planning
According to the UA academic schedule, classes will be lectured from September 15th until December 20th. The subject is composed of 3 hours of theoretical/practical lectures. It is expected that students spend an additional 2-3 hours per week exploring the concepts presented during the lectures, preparing projects and assignments. They are also expected to make use of the tutoring times if they have questions or require some assistance. Theoretical classes will present key aspects related to vulnerability management, vulnerability assessment, relevant vulnerabilities in current service architectures (mostly web or REST based), lower level aspects related to stacks, heaps and other vulnerabilities, and then mobile applications.
The topics lectured in each class should be as presented in the following table. Changes may happen, so please check it frequently.
# | Date | Topic |
---|---|---|
1 | Sep 19 | Vulnerabilities |
2 | Sep 26 | Information Leakage |
3 | Oct 03 | Vulnerability Assessment |
4 | Oct 09 | Injection Vulnerabilities: SQLi |
5 | Oct 17 | Injection Vulnerabilities: OS Injection |
6 | Oct 24 | Broken Authentication |
X | Oct 31 | XSS - Cross Site Scripting |
7 | Nov 07 | XSS - Cross Site Scripting |
8 | Nov 14 | Theoretical Test T1, Project support |
9 | Nov 21 | Stack Overflow attacks |
10 | Nov 28 | ROP and String format attacks |
11 | Dec 05 | Heap based attacks |
12 | Dec 12 | Concurrency |
13 | Dec 19 | Project wrapping up |
Software
- Bettercap: The Swiss Army knife for WiFi, Bluetooth Low Energy, wireless HID hijacking and Ethernet networks reconnaissance and MITM attacks.
- Wireshark: The most popular packet sniffer application.
- WebGoat: A deliberately insecure web application maintained by OWASP designed to teach web application security lessons.
- Kali Linux: A popular Penetration Testing Distribution.
- John the Ripper: A password cracker.
- Hashcat: Advanced password recovery tool, especially tailored to OpenCL.
- nmap: Probably the most famous port scanner and reconnaissance tool.
- Burp Suite: Vulnerability assessment tool
- ZAP: Zed Attack Proxy is a vulnerability assessment tool, similar to Burp, but open source.
- GDB: The GNU Project Debugger
- Radare2: An open source software framework for reverse engineering and analyzing binaries.
- ghidra: A software reverse engineering (SRE) framework developed by NSA’s Research Directorate.
- pwntools: CTF framework and exploit development library
- sqlmap: Automatic SQL injection and database takeover tool
- Metasploit: Penetration Testing Framework
- GDB GEF: GDB Enhanced Features
- ImHex: A modern hex editor
- Docker: Containerization platform
Websites
- Try Hack Me: Platform with several relevant resources
- CTFTime: CTF Competitions and Events
- PicoCTF: A (simple) CTF from CMU
- OWASP Top Ten: OWASP Top Ten vulnerabilities
- GameOfHacks: Identify common programming errors that lead to security issues.
- Bruce Schneier Blog: A very interesting blog dedicated to security and cryptography.
- Reddit NetSec
- NetSecStudents
- CVE Details
- Hack The Box
Books
Most books are available through the O’Reilly library, which is available to all students using their University credentials.
- Security in Computing, Fourth Edition
- Security Engineering, Third Edition
- Certified Ethical Hacker (CEH) Preparation Guide
- Hands-On Bug Hunting for Penetration Testers
- The Complete Ethical Hacking Course
- Violent Python
- Web Security - Common Vulnerabilities and Their Mitigation
- The Hacker Playbook 2: Practical Guide To Penetration Testing
- Reddit NetSec Books Galore