Skip to main content
Till KTH:s startsida Till KTH:s startsida

EP284U Ethical Hackning, project assignment 4.0 credits

Choose semester and course offering

Choose semester and course offering to see current information and more about the course, such as course syllabus, study period, and application information.


For course offering

Autumn 2024 Start 28 Oct 2024 contract education

Application code


Headings with content from the Course syllabus EP284U (Autumn 2023–) are denoted with an asterisk ( )

Content and learning outcomes

Course contents

The main activity of the course consists of an in-depth project where the students independently conduct investigations about published vulnerabilities and demonstrates how these can be exploited. The project includes two main components. The first is to independently design and build a relevant test environment with vulnerable components. The second is to use and modify existing malicious code or to develop such code. For both the assignments, the students are free to use their imagination and relevant tools according to their own discretion. It is emphasised that the students carry out all activities responsibly. In it is included for example acting in accordance with the laws, regulations and ethical principles that apply to offensive cybersecurity.

Intended learning outcomes

After passing the degree project course, the student should be able to

  • describe and use published information about vulnerabilities
  • independently analyse and specialise in chosen vulnerabilities and equivalent exploitation techniques
  • independently plan perform responsible development work in offensive cybersecurity
  • clearly and efficiently communicate conclusions, results and relevant technical information both orally and in writing.

Literature and preparations

Recommended prerequisites

No information inserted


No information inserted


No information inserted

Examination and completion

If the course is discontinued, students may request to be examined during the following two academic years.

Grading scale

P, F


  • PRO1 - Written report, 4.0 credits, grading scale: P, F

Other requirements for final grade

  • Submission of own developed harmful code
  • Submission of installation instructions for vulnerable components and necessary software.
  • Oral presentation and demonstration of the environment, its vulnerabilities and the malicious code that has been used.
  • Upon discovery of new vulnerabilities, the student should act according to prevailing guidelines for vulnerability discolsure.
  • The project work and its results are handled according to prevailing regulations and guidelines and in a manned that to the best of ability avoids to minimise foreseeble risks for involved parties.

Opportunity to complete the requirements via supplementary examination

No information inserted

Opportunity to raise an approved grade via renewed examination

No information inserted


No information inserted

Ethical approach

  • All members of a group are responsible for the group's work.
  • In any assessment, every student shall honestly disclose any help received and sources used.
  • In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.

Further information

Course room in Canvas

Registered students find further information about the implementation of the course in the course room in Canvas. A link to the course room can be found under the tab Studies in the Personal menu at the start of the course.

Offered by

Main field of study

Computer Science and Engineering

Education cycle

Second cycle

Add-on studies

No information inserted