Offensive Security

COURSE SYLLABUS

Open Source INTelligence: collecting general information about the target, google hacking, social media search, archive search, collecting technical information, domain and domain owner data search, IP address related search, network range owner identification, network range enumeration
Network reconnaissance: mapping the network with different techniques, nmap and hping usage with different options
Get in touch with services: Identifying and attacking different services, finding information disclosure and default settings, brute-force, understanding exploits in general, service related unique exploitation techniques
Web hacking: Information disclosure and defaults, brute-force, client side manipulation and tampering, XSS, CSRF, server side techniques, session related exploitations, file inclusions, SQLi, XPathi, SSTI, XXE, etc.
Binary exploitation: understanding binaries, CPU architectures and binaries in general, virtual address spaces and layouts, debugging, understanding the stack, stack overflow, return to libc, return oriented programming exploitations, heap related vulnerabilities, use after free and heap spraying
Social Engineering: understanding the human behavior, phishing techniques, other social engineering techniques
Internal Network Hacking: getting access to internal networks, Microsoft network related protocols and exploitation, man in the middle techniques, ARP poisoning
Ethical hacking and cryptography: password cracking techniques
Wireless Security: WEP and WPA2, capturing the wifi handshake, cracking

The Master of Science Programme in "Advanced Cybersecurity Technologies and Governance" was established as part of the European EU-iNSPIRE project (INnovative multi-diSciPlinary Industry-focused cybersecurity education for upskilling and ReskIlling the EU workforcE), which began in January 2025, has a duration of four (4) years and is co-funded by the European Union through the DIGITAL-2023-SKILLS-05 program (Contract No. 101190054).