This course is about assessing the security of computer systems.  It has three main goals:

1.To teach students the art of penetration testing, with a focus (though not exclusive) on exploiting vulnerabilities in web applications.

2.To teach students about ethical hacking, i.e., the non-technical aspects of penetration testing, including rules of engagement, how to protect confidential data, etc.

3.To harden the computer systems of the University of Maryland, College Park, by using them as a target of penetration tests.  Students may probe Maryland systems, assess their vulnerabilities, and ultimately attempt to exploit them.  Students report successful exploits to system owners and work with those owners to fix the problems.