FAUST regularly organizes workshops on different IT-Security topics. This Semester, the topic is web security. The workshop will take place on 20th and 21st of January

What is hacking?

You may know hacking as evil and illegal activity. However, there are perfectly legal and ethical ways to hack. To close security problems in your software, you must first know what bugs can be leveraged by an attacker.

Furthermore, this can be a fun activity for your free time and is perfectly legal if you do not attack a system you don’t have permission to attack. For example, there are regularly so called Capture-the-flag competitions (CTF) hosted all over the world. This is a playful way to improve your IT-Security knowledge by hacking a purposefully insecure system created just for the competition. There are academic and non-academic CTF teams from all over the world taking part in these competitions, we (FAUST) are no exception.

For more information about CTF competitions, take a look at CTFTime.

Who is this workshop for?

Our Web Security Workshop takes place on the 20th and 21st of January. Everyone is welcome, no matter if you are a bloody beginner or already know some hacking basics.

You should bring your own laptop, preferrably with a Linux installation (bare-metal or in a VM, doesn’t matter) to do the exercises. We recommend a Debian derivative, such as Ubuntu, but any distribution should suffice.

Workshop Contents

The workshop runs from 10AM to 5PM on Saturday and 10AM to 2PM on Sunday. We will provide Pizza for Lunch.

We explain the following concepts in small presentations and let you practice with interesting challenges afterwards:

  • SQL Injection
  • Command Injection
  • Cross-Site Scripting (XSS)


Please join our StudOn course for more information. If you cannot make it to the workshop, don’t worry! We will upload the slides after the workshop and you will have the option to solve the exercises on your own.

We hope to see you at the workshop!