Module details for Ethical Hacking 2


This module develops a critical understanding of advanced techniques used by Ethical Hackers to examine the security of web applications.


The aim of this module is to provide the student with an understanding of advanced computer hacking and the countermeasures that a company can take to minimise their effect.

Learning Outcomes

By the end of this module the student should be able to:

1.  Analyse and critically evaluate techniques used to test web application security.

2.  Critically evaluate specific countermeasures to advanced hacking techniques

3.  Demonstrate a critical evaluation of an advanced security topic with an independent project.

Indicative Content

1 Overview of Web Application

Core Defence Mechanisms. Handling User Access, Authentication, Session Management, Access Control.

2 Web Application Technologies

HTTP Protocol, Requests, Responses and Methods. Encoding schemes. Server side functionality technologies (Java, ASP, PHP).

3 Injecting Code

Attacking SQL Servers, using SQL injection, E-Mail header injection. PHP injection. Other injection attacks. Preventive Measures.

4 Bypassing Client Side Controls

Manipulating cookies, tampering with parameters and URL's. Web proxies.

5 Attacking Authentication

Attacking Session Management, Design Flaws in Authentication Mechanisms Attacking Forgotten Password Functionality, attacking Password change functions. Countermeasures to authentication attacks

6 Cross Site Scripting (XSS)

Reflected XSS Vulnerabilities, Stored XSS Vulnerabilities, DOM-Based XSS Vulnerabilities. Countermeasures to XSS.

7 Web Server Security

Popular web servers and common security threats. Attacks against IIS and Apache. Increasing web server security. Countermeasures (e.g. correct Web Application Set-up).


Teaching and Learning Work Loads

Teaching and Learning Method Hours
Lecture 12
Tutorial/Seminar 0
Practical Activity 37
Assessment 71
Independent 80
Total 200

Guidance notes

SCQF Level - The Scottish Credit and Qualifications Framework provides an indication of the complexity of award qualifications and associated learning and operates on an ascending numeric scale from Levels 1-12 with SCQF Level 10 equating to a Scottish undergraduate Honours degree.

Credit Value – The total value of SCQF credits for the module. 20 credits are the equivalent of 10 ECTS credits. A full-time student should normally register for 60 SCQF credits per semester.


We make every effort to ensure that the information on our website is accurate but it is possible that some changes may occur prior to the academic year of entry. The modules listed in this catalogue are offered subject to availability during academic year 2021/22 , and may be subject to change for future years.