Secure Software Development (WS 2023/24)

Course Number 705022 | Wintersemester 2023/24


This course deals with the design and implementation of secure software. Especially memory corruption vulnerabilities such as buffer overflows, integer overflows or use-after-free bugs can be exploited by an attacker to bypass the intended program behavior and execute arbitrary payload in the worst case. We will look at various runtime mitigation techniques such as ASLR, stack canaries and data execution prevention exist. However, they can often be bypassed by more advanced exploitation techniques. Rather than preventing certain attacks, the ultimate goal is to eliminate memory corruption vulnerabilities and achieve "memory safety". We will discuss methods for debugging and bug discovery as well.


The slides are available here after the end of each lecture. The practicals, an explanation about the lecture, exam hacklets, and old exams can be found here: Material
Date Type Topic Lecturer Material
2023-10-04 10:15 KU Warmup + Organization Slides
2023-10-06 12:00 VO Organization + Intro Daniel, Lukas, Marcel, Stefan, Vedad Slides
2023-10-11 10:15 KU Tools 1 Slides
2023-10-13 12:00 VO Low Level / C++ Objects Daniel Slides
2023-10-18 10:15 KU Defenselets 1
2023-10-20 12:00 VO Memory Corruption 1 Marcel, Stefan Slides
2023-10-25 10:15 KU Tools 2 / Question Hour
2023-10-27 12:00 VO Memory Corruption 2 Marcel, Stefan Slides
2023-11-03 12:00 VO Exploits Lukas Slides
2023-11-08 10:15 KU Defenselets 2
2023-11-10 12:00 VO Finding Bugs 1 Vedad Slides
2023-11-15 10:15 KU Question Hour
2023-11-17 12:00 VO Finding Bugs 2 Vedad Slides
2023-11-22 10:15 KU Question Hour
2023-11-24 12:00 VO Defensive Programming Lukas Slides
2023-11-29 10:15 KU Question Hour
2023-12-01 12:00 VO Countermeasures Lukas Slides
2023-12-06 10:15 KU Defensive Programming Slides
2023-12-13 10:15 KU Question Hour
2023-12-15 12:00 VO Christmas Special (?)
2024-01-10 10:15 KU Question Hour

Administrative Information


  • Please contact us under or in the Discord channel which you will receive per mail.
Below you can find the lecture dates exported from TUGOnline.


Daniel Gruß


View more
Vedad Hadžić

PhD Candidate

View more
Lukas Maar

PhD Student

View more
Marcel Nageler

PhD Student

View more
David Schrammel

PhD Candidate

View more