The main activity of the course is a project where students independently attack a corporate computer network with the aim of exfiltrating specific information. The network is rigged by the course responsibles in a virtual environment. To carry out the attack, the students are free to use their imagination and tools available on Internet. Tools for network and vulnerability scanning, platforms for exploit development, command and control, passwork creacking, etc. are presented during the course, but students are free to employ methods and tools of their own choice. 

Ethical hackers are contracted for practical assessment of computer network security. For an effective defense against cyber attacks, a deep understanding of attackers' available range of action is required. After completed course, the student should therefore be able to

• perform reconnaissance, identifying and selecting targets for attack, e.g. by means of network scanning
• identify vulnerabilities in network equipment and applications
• customize exploits for software vulnerabilities
• deploy and execute exploits on vulnerable systems,
• install and use remote access trojans for remote system control
• identify password files and extract passwords
• exfiltrate data
• implement solutions to strengthen the information security of computer networks
• carry out legal and ethical security testing.

• Communiation networks (for example EP1100 Data communicatin and computer networks)
• Operating systems (for example ID1206 Operating sysstems)

Learn Ethical Hacking from Scratch: Your stepping stone to penetration testing by Zaid Sabih

Students are strongly encouraged to search for information in many different sources. Nevertheless, for those that would like to start with a single book, we recommend Learn Ethical Hacking from Scratch: Your stepping stone to penetration testing by Zaid Sabih. It contains much of the information required for completing the course, but not everything. Conversely, it contains much that is not required for the course. Furthermore, all the relevant information contained in the book is also available on the public Internet. In brief, the book is not required. Therefore, it may be best viewed as a scoping of the course contents, providing ideas on what attack paths to explore. For instance, already the table of contents will give you an indication of what you might encounter in the course:

Chapter 1. Introduction
Chapter 2. Setting Up a Lab
Chapter 3: Linux Basics
Chapter 4: Network Penetration Testing
Chapter 5: Pre-Connection Attacks
Chapter 6: Network Penetration Testing – Gaining Access
Chapter 7: Post-Connection Attacks
Chapter 8: Man-in-the-Middle Attacks
Chapter 9: Network Penetration Testing, Detection, and Security
Chapter 10: Gaining Access to Computer Devices
Chapter 11: Scanning Vulnerabilities Using Tools
Chapter 12: Client-Side Attacks
Chapter 13: Client-Side Attacks - Social Engineering
Chapter 14: Attack and Detect Trojans with BeEF
Chapter 15: Attacks Outside the Local Network
Chapter 16: Post Exploitation
Chapter 17: Website Penetration Testing
Chapter 18: Website Pentesting - Information Gathering
Chapter 19: File Upload, Code Execution, and File Inclusion Vulnerabilties
Chapter 20: SQL Injection Vulnerabilities
Chapter 21: Cross-Site Scripting Vulnerabilities
Chapter 22: Discovering Vulnerabilities Automatically Using OWASP ZAP

Students at KTH with a permanent disability can get support during studies from Funka:

Funka - compensatory support for students with disabilities

A, B, C, D, E, FX, F

• INL2 - Home assignment, 0.5 credits, Grading scale: P, F
• PROA - Project, 7.0 credits, Grading scale: A, B, C, D, E, FX, F

Based on recommendation from KTH’s coordinator for disabilities, the examiner will decide how to adapt an examination for students with documented disability.

The examiner may apply another examination format when re-examining individual students.

To pass the course, the following is required:

• Submission of hacking logs each week until completing the project.
• Valid submission of all flags in the project assignment.
• A minimum of 10% of maximum flag points calculated as detailed below.
• Valid submission of the quiz on Cyber Law.
• Oral exam (unless explicitly exempted).
• Abiding by the rules.

The final grade in the course will mainly depend on:

• The aggregated value of captured flags. Each flag has a maximum value of 10 points, which decreases with the number of consumed hints.
• Your operational security. 
• A successfully completed bug bounty bonus assignment is worth 20 points.
• An oral exam.

If hacking logs and other factors are satisfactory, we aim to grade as follows:

A: 90-100% of maximum required points

B: 70-90% of maximum required points

C: 50-70% of maximum required points

D: 30-50% of maximum required points

E: 10-30% of maximum required points

Maximum required points is computed as 10 x (number of flags). With 16 flags, the maximum required points is therefore 160. (The number of flags varies from year to year.) Because the bug bounty assignment is a bonus task, it can be used to boost your points above the maximum required points.

Teachers may request that the project assignment is presented in person. This examination consists of an individual interview where teachers will be asking the student to explain and demonstrate parts of their accomplishments during the course. The oral exam is mainly aimed at determining that the student's physical self corresponds to her digital one, so we expect the ability to explain how various flags were captured, and why the employed methods were selected. If requested by teachers, the oral exam is mandatory. The results of the oral exam can affect both examination and grading. You are allowed to use your own notes during the oral exam.

Any students that do not pass the course have to re-take the course in the next iteration. It is not possible to increase the grade of the course after the course has been completed. 

• All members of a group are responsible for the group's work.
• In any assessment, every student shall honestly disclose any help received and sources used.
• In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.