The main activity of the course consists of an in-depth project where the students independently conduct investigations about published vulnerabilities and demonstrates how these can be exploited. The project includes two main components. The first is to independently design and build a relevant test environment with vulnerable components. The second is to use and modify existing malicious code or to develop such code. For both the assignments, the students are free to use their imagination and relevant tools according to their own discretion. It is emphasised that the students carry out all activities responsibly. In it is included for example acting in accordance with the laws, regulations and ethical principles that apply to offensive cybersecurity.
EP284U Ethical Hackning, project assignment 4.0 credits
Information per course offering
Choose semester and course offering to see current information and more about the course, such as course syllabus, study period, and application information.
Information for Autumn 2025 Start 27 Oct 2025 contract education
- Course location
KTH Campus
- Duration
- 27 Oct 2025 - 12 Jan 2026
- Periods
- P2 (4.0 hp)
- Pace of study
25%
- Application code
50590
- Form of study
Normal Daytime
- Language of instruction
English
- Course memo
- Course memo is not published
- Number of places
Places are not limited
- Target group
Contract education
- Planned modular schedule
- [object Object]
- Schedule
- Schedule is not published
- Part of programme
- No information inserted
Contact
Course syllabus as PDF
Please note: all information from the Course syllabus is available on this page in an accessible format.
Course syllabus EP284U (Autumn 2023–)Headings with content from the Course syllabus EP284U (Autumn 2023–) are denoted with an asterisk ( )
Content and learning outcomes
Course contents
Intended learning outcomes
After passing the degree project course, the student should be able to
- describe and use published information about vulnerabilities
- independently analyse and specialise in chosen vulnerabilities and equivalent exploitation techniques
- independently plan perform responsible development work in offensive cybersecurity
- clearly and efficiently communicate conclusions, results and relevant technical information both orally and in writing.
Literature and preparations
Literature
You can find information about course literature either in the course memo for the course offering or in the course room in Canvas.
Examination and completion
If the course is discontinued, students may request to be examined during the following two academic years.
Grading scale
P, F
Examination
- PRO1 - Written report, 4.0 credits, grading scale: P, F
Other requirements for final grade
- Submission of own developed harmful code
- Submission of installation instructions for vulnerable components and necessary software.
- Oral presentation and demonstration of the environment, its vulnerabilities and the malicious code that has been used.
- Upon discovery of new vulnerabilities, the student should act according to prevailing guidelines for vulnerability discolsure.
- The project work and its results are handled according to prevailing regulations and guidelines and in a manned that to the best of ability avoids to minimise foreseeble risks for involved parties.
Examiner
Ethical approach
- All members of a group are responsible for the group's work.
- In any assessment, every student shall honestly disclose any help received and sources used.
- In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.
Further information
Course room in Canvas
Registered students find further information about the implementation of the course in the course room in Canvas. A link to the course room can be found under the tab Studies in the Personal menu at the start of the course.
Offered by
Main field of study
Computer Science and Engineering
Education cycle
Second cycle