Web Application Security & Privacy Lab (Praktikum)

(4 SWS, 6 CP)

This lab gives hands-on examples of developing secure and privacy-friendly web applications. You will use a variety of tools such as IBM AppScan, which supports fully automatic detection of vulnerabilities. Among other topics, we cover:


  • Configuration of the Apache web server and MySQL
  • HTML, JavaScript (including Ajax) and CSS Basics
  • Common Web Application Challenges (User Authentication, User Management, Structure, ...)
  • Vulnerabilities of Web Applications such as SQL Injection, Cross Site Scripting, ...

In this course, we will focus on three different types of web sites: online shop, online payment and central authentication services. We will provide mobile devices so that you can test and develop your new service as both a mobile and a desktop version.

You will solve the tasks in small groups of up to 4 people. There is no written exam; individual (face-to-face) tests (Testate) will be graded. Further information on the specific projects will be given in the kick-off meeting.


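  • Foundations of Computer Science 1 & 2 (Grundlagen der Informatik 1 & 2)
  • Introduction to Trusted Systems (Einführung in Trusted Systems)
  • Introduction to IT Security (Einführung in die IT-Sicherheit)
  • Introduction to Cryptography (Einführung in die Kryptographie)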

This lab is taught by members of the SIT Research Group.

Language: Slides in English, Student Presentations in English or German.

Contact: Marco Ghiglieri

Summer 2014

Interested students need to apply via TUCan (Module: 20-00-0705-pr). 

The lab will include lectures and/or presentations on the following dates: 22.04.2014, 06.05.2014, 20.05.2014, 03.06.2014, 17.06.2014, 01.07.2014, 15.07.2014

The kick-off meeting will be on April 22, 2014, 15.30-17.00. All interested students should attend this meeting.

Location: CASED Building 3.1.01

Moodle Page: WASPL14


SIT Research Group

Security in Information Technology

Prof. Dr. Michael Waidner
