Compass Security Blog

Offensive Defense

BFH Exploiting & Defense Course

I am given the opportunity to teach Exploiting & Defense in the Bern University of Applied Sciences (Berner Fachhochschule) in the module Application and Software-Security.

In seven afternoons, each four lessons, I’m giving a complete overview of the Art of Exploitation, and the defensive measures which are available today. Topics include:

All the Slides are also available: E&D BFH 2017 Slides

For this mandate, I also created a website with an interactive exploit challenges environment called It provides:

  • Vulnerable programs¬†and their exploits
  • An environment where the exploits can be started (LXD container in a QEMU VM)
  • Writeups on how to exploit the programs
  • A Browser based Linux terminal emulator (no need for an SSH client)

The code is available on github; web, server, lxd-server. It leverages the Ubuntu LXD container technologies to implement most of its features.

1 Comment

  1. Sergio

    Awesome work!

Leave a Reply

Your email address will not be published. Required fields are marked *