This talk will be looking at classical attack vectors on IT systems and the
surrounding physical systems as well as social aspects. A set of commonly known
attack classes will be presented, followed up by a discussion about changes and
risks that come along when using attacks on IT systems for penetration tests. It is
taught to the students that those processes entail a highly creative aspect.
The process of disclosing discovered vulnerabilities will be covered by giving
examples of real world disclosure strategies that have been implemented. All of
this is not lectured without teaching the basics of ethics first, that is of vital
importance in this field of expertise.
A joint discussion of all participants brainstorming attack vectors will complement
the session and challenge the students to actively engage in the just learned.
The slides are available as PDF.