The main activity of the course is a project where students independently attack a corporate computer network with the aim of exfiltrating specific information. The network is rigged by the course responsibles in a virtual environment. To carry out the attack, the students are free to use their imagination and tools available on Internet. Tools for network and vulnerability scanning, platforms for exploit development, command and control, passwork creacking, etc. are presented during the course, but students are free to employ methods and tools of their own choice.
EP283U Ethical Hacking 7.5 credits
Ethical hackers are contracted for practical assessment of computer network security. Furthermore, for an effective defense against cyber attacks, a deep understanding of attackers' available range of action is required.
Information per course offering
Choose semester and course offering to see current information and more about the course, such as course syllabus, study period, and application information.
Information for Autumn 2024 Start 26 Aug 2024 contract education
- Course location
KTH Campus
- Duration
- 26 Aug 2024 - 2 Jun 2025
- Periods
Autumn 2024: P1 (0.5 hp), P2 (3.0 hp)
Spring 2025: P3 (3.0 hp), P4 (1.0 hp)
- Pace of study
10%
- Application code
50763
- Form of study
Normal Daytime
- Language of instruction
Swedish
- Course memo
- Course memo is not published
- Number of places
Places are not limited
- Target group
- No information inserted
- Planned modular schedule
- [object Object]
- Schedule
- Schedule is not published
- Part of programme
- No information inserted
Contact
Course syllabus as PDF
Please note: all information from the Course syllabus is available on this page in an accessible format.
Course syllabus EP283U (Autumn 2024–)Headings with content from the Course syllabus EP283U (Autumn 2024–) are denoted with an asterisk ( )
Content and learning outcomes
Course contents
Intended learning outcomes
After passing the course, the student should, at an introductory level, be able to
- establish resources to support offensive security operations
- perform reconnaissance and discovery to plan operations
- access credentials, such as account names, passwords and access tokens
- achieve initial access to networks and systems
- execute malicious code on remote devices
- establish command and control capabilities to communicate with compromised systems
- elevate privileges on systems to gain higher-level permissions
- persist on networks by maintaining access across interruptions
- move laterally, pivoting through the computing environment
- avoid detection by network defenders
- collect and exfiltrate data from computing environments
- assess the security of computer systems, applications, and services
- carry out legal and ethical security testing.
This will provide students with a practical understanding of the capabilities and possibilities of an attacker, in order to evaluate the cybersecurity of computer networks.
Literature and preparations
Equipment
No information inserted
Literature
No information inserted
Examination and completion
If the course is discontinued, students may request to be examined during the following two academic years.
Grading scale
P, F
Examination
- PROJ - Project assignment, 7.5 credits, grading scale: P, F
Opportunity to complete the requirements via supplementary examination
No information inserted
Opportunity to raise an approved grade via renewed examination
No information inserted
Examiner
Ethical approach
- All members of a group are responsible for the group's work.
- In any assessment, every student shall honestly disclose any help received and sources used.
- In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.
Further information
Course room in Canvas
Registered students find further information about the implementation of the course in the course room in Canvas. A link to the course room can be found under the tab Studies in the Personal menu at the start of the course.
Offered by
Main field of study
Computer Science and Engineering, Electrical Engineering
Education cycle
Second cycle
Add-on studies
No information inserted
Transitional regulations
Those who have passed only one of the course's previous two modules shall do PROJ instead.