COMP6443 Notices

Final Exam Solutions & Mark Distribution

Posted by Adam Yi Saturday 19 September 2020, 04:28:30 PM.

Dear students,

I hope you are staying safe :)

As promised earlier, here's an unofficial write-up for the final exam: https://adamy.io/comp6443-20t2-final-solution . It's served outside solutions.quoccabank.com infra so that it won't be taken down when we take down QuoccaBank.

At the moment, all challenges are still up in QuoccaBank cluster so you can still try to get the flags you missed in the exam now. No promises for how long they'll stay up though (since secedu is paying for our AWS account).

Final exam mark was derived using the same formula and marking method as fortnightly challenges, which was explained earlier here . As mentioned previously, after summing up all components, Richard helped us scale down the overall course mark so that a consistent standard is applied at the pass/fail boundary and the D/HD boundary. This year, because of the COVID situation, we have erred on the side of generosity and the average course marks after scaling have been left a bit higher than we would normal expect.

Here's the marking distribution for the overall course mark in case you're interested in where you stand in the entire cohort.

COMP6443/6843 combined:

COMP6443:

COMP6843:

I hope you all enjoyed the course!

Cheers,

Adam

Web App Security results about to be released

Posted by Jiaojiao Jiang Wednesday 02 September 2020, 11:21:04 AM.

Dear Students,

Congratulations on completing Web App Security. We have now finished marking and scaling and you should get your marks tomorrow.

As explained in the course outline we scale the final exam and the overall course mark to ensure that marks across all security courses are consistant (so for example if an exam one year is particularly easy or particularly difficult we scale the mark to reflect this). We also adjust the overall course mark so that a consistent standard is applied at the pass/fail boundary and the D/HD boundary and hence your final mark may not be simply the sum of the individual unscaled marks. This year, because of the COVID situation, we have erred on the side of generosity and the average course marks after scaling have been left a bit higher than we would normal expect.

We have had a few cases of possible cheating and if you get a “withheld” result rather than your grade please contact us if you have not already heard from us about your situation.

It has been a pleasure teaching you all this term and I wish you the very best in your future studies.

Warm regards,

COMP6443/6843

Exam has concluded

Posted by Adam Smallhorn Friday 21 August 2020, 05:02:11 PM.

Hi everyone,

We hope you enjoyed the exam. The exam has now finished. You have until 5:15 to submit your PDF of your write up via give.

If you have any issues, please email cs6443@cse.unsw.edu.au

Thanks again.

Final Exam - Starting at 1pm

Posted by Adam Smallhorn Friday 21 August 2020, 01:00:55 PM.

Hello.

The final exam has started at 1pm AEST and will finish at 5pm AEST.

Please visit https://final.quoccabank.com to view the exam paper. There may be a slight delay on the server as everyone visits initially. Please be patient or try other challenges.

If you have issues during the exam email cs6443@cse.unsw.edu.au or message 0402683020

Recall you MUST also submit a simple and short write-up of your solutions as a PDF. Please write this as you go. To avoid overloading give at the end of the exam, please submit multiple times throughout the exam.

All flags are due by 5pm AEST. You will have a 15 min grace period to submit your write ups via give.

If you are having trouble submitting please contact the course account cs6443@cse.unsw.edu.au

Good luck!

Pre-release of exam paper

Posted by Adam Yi Thursday 20 August 2020, 10:48:13 AM.

Dear students,

You may now preview the exam paper on https://final.quoccabank.com/. Please kindly note that this is a pre-release and is subject to changes.

Similar to midsem, the challenge domains won't be accessible until the exam starts.

Have fun :)

Topic 4 and 5 solutions

Posted by Adam Yi Thursday 20 August 2020, 01:36:26 AM.

Hey all,

The official solutions for topic 4 and 5 challenges are released on https://solutions.quoccabank.com

Notices for Friday's exam

Posted by Adam Smallhorn Wednesday 19 August 2020, 07:13:08 PM.

Dear students,

A few updates regarding this friday's exam.

• The exam will run Friday 21 August from 1pm - 5pm AEST.
• The challenges will become active at 1pm and no flags will be accepted after 5pm.
• A preview of the exam paper will be available here later tonight: http://final.quoccabank.com/ . This will be fairly close to the exam paper you will receive on friday.
• Unlike the midsem exam you WILL be required to submit a PDF write-up of your solutions (not marked, but used to verify you completed the challenges) using CSE's give system. This must be submitted by 5pm.
• You will NOT require online brute forcing, nor tools such dirbuster or subbrute.
• A few challenges may benefit from offline brute forcing (i.e. on your computer), but they will be easy to brute force (under a min). The vast majority of questions do not require this.
• There will NOT be a padding oracle question.
• There will be various injection challenges in the exam (including but not limited to local file inclusion, SQLi with a filter, server side template injection etc)
• Core and extended students will do the same questions, but the cohorts will be marked and scaled separately. We indicate on the paper what a reasonable amount of flag solves would be.

If you have any questions please direct them to cs6443@cse.unsw.edu.au otherwise we wish you good luck!

Final exam time - 1pm-5pm, Friday 21/08/ 2020

Posted by Jiaojiao Jiang Sunday 16 August 2020, 07:05:22 PM.

Dear all students,

Please note that the final exam time is 1pm-5pm, Friday 21/08/ 2020 , not 1:45pm-4pm appeared on exam timetable. Please follow the exam information that we put on OpenLearning. And there will be a further announcement about more details of the final exam in the coming days. Please stay tuned.

Warm regards,

COMP6443/6843

Mid-term marks updated

Posted by Adam Yi Wednesday 12 August 2020, 03:57:53 PM, last modified Wednesday 12 August 2020, 04:17:12 PM.

Sorry for the confusion, but I forgot that interim flags exist when porting the marking script to compute the exam marks. As a result, if you got all the "final flags" without finding all the "interim flags", you wouldn't get full mark.

This is is fixed now. Below is the new distribution

This issue didn't affect fortnightly challenges.

Further clarification on marking formulas:

1. Different piece-wise linear functions are applied to core students and extended students separately to accommodate different credit level and share similar normal distribution.

2. For the midterm exam, the weights for the two bonus flags are manually adjusted to be half of a regular flag (since only a few students found midsem0, this would be deemed as an "extremely hard" flag by the formula).

3. (update): for the extended challenge in the midterm exam, its ctfd point when calculating is now lowered to 1 - same as other challenges, but it still weights more than other challenges due to the number of solves.

Fortnightly challenges & mid-term exam PROVISIONAL marks available

Posted by Adam Yi Wednesday 12 August 2020, 01:56:42 PM.

Dear students,

You may check your fortnightly challenges & mid-term exam marks now by SSH-ing into cse login server and run `6443 classrun sturec` (for 6843 students as well). Alternatively you may click the Grades button on WebCMS3.

We've released your submarks for each of the topic (out of 100), your midsem mark (out of 10), as well as your overall fortnightly challenges mark (out of 25).

These marks are PROVISIONAL and subject to changes.

Marking Methodology

I'm a huge believer in numbers so your mark is calculated based on a purely applied mathematics/statistics approach. Your mark for each topic including the midsem is the weighted sum of all flags you solved. The weight of each flag corresponds to its difficulty, which can be reflected from the number of solves. Specifically, your mark is derived as following:

Where N is the total number of students, and P is the raw CTFd points associated with the flag (as an indication of our designed difficulty). T is a weight based on your submission timestamp (for fortnight challenges: 1 if on time, 0.5 if 1 day late, 0 if more than 1 day late; for midsem: 1 if before exam ends, 0 if after exam ends). S is the sum of T for all students for that flag.

Full mark is calculated by summing the weights for all flags solved by at least one student, with T=1 (except for two bonus midsem flags that are excluded from full mark calculation). Your mark is then calculated as a percentage of the full mark.

We then calculate the mark of a hypothetical student who solved the bare minimum credit level flags and scale that mark to 65 for each of the topic, and apply a piece-wise linear function to achieve normal distribution (except for midsem where we didn't scale the marks).

If there's anything wrong with your mark

Please email cs6443@cse.unsw.edu.au. However, since we are using the the formula above to calculate the mark for everyone, it's highly unlikely that your mark is going to change. But if for logistics reason (e.g., deadline extension calculation went wrong), someone's mark gets changed, the mark for everyone is going to change to a tiny degree since the S in the formula above is going to be affected.

I hope you all enjoyed the challenges and good luck on your exam!

Cheers,

Adam Yi

Second Report Submission

Posted by Adam Yi Friday 07 August 2020, 08:11:47 PM.

Similar to the first one, ssh to cse server and submit it this way:

give cs6443 report2 report.pdf

Please submit pdf only

Revision Lecture Monday - Vote for which topics will be covered

Posted by Adam Smallhorn Friday 07 August 2020, 03:44:09 PM.

Hello,

Norman and Marina will be running a revision lecture on monday and would like to know what topics you'd like to have covered. They will also give some tips on the exam.

We've created a straw poll where you can add topics and vote up the things you want to be covered most.

Please take a look and add some topics over the weekend so that we can make the best use of the time on monday :)

https://poll.ly/#/Lnrr5yeg

COMP9447 Application

Posted by Adam Yi Thursday 06 August 2020, 02:10:07 PM.

[THIS IS A SPONSORED MESSAGE BROUGHT TO YOU BY SECEDU]

SECedu is running COMP9447 with AWS in T3, apply here if you're interested: https://forms.office.com/Pages/ResponsePage.aspx?id=pM_2PxXn20i44Qhnufn7o25_8BR_GoBAqZkK4mZy6fNUMlQ5TTJHVjdFMVNZODBDNTVSR0hCNDRHSC4u

If you have any questions, please ask @chris or @sk99k on Slack.

No lecture today (5/8/2020)

Posted by Jiaojiao Jiang Wednesday 05 August 2020, 08:52:17 AM.

Dear students,

Please note that there is no lecture today (5/8/2020) .

Next week's lecture will be a review lecture. Please leave comments on OpenLearning if you require reviewing any particularly difficult-to-understand concepts.

Warm regards,

COMP6443/6843

Review Week - Feedback Requested!

Posted by Jiaojiao Jiang Tuesday 04 August 2020, 05:20:52 PM.

Hello!

Next week's lecture will be a review lecture. This intends to be a "cheat sheet" for previous weeks of content, as well as (as time permits) addressing any particularly difficult-to-understand concepts.

If you have:

• Topics you particularly want to hear about next week
• Particular bits of coursework which you struggled with

Please leave a comment on OpenLearning . If someone else has already commented, please make a comment anyway (or leave a like) so we can see if there's specific topics lots of people want to hear about :)

Week 10 - Guest Lecture - Monday 3/8/2020

Posted by Jiaojiao Jiang Monday 03 August 2020, 09:38:22 AM, last modified Monday 03 August 2020, 09:39:50 AM.

Dear students,

We are very happy to have two guest speakers for our Monday Lecture this week 3/8/2020.

Here are the topics of the guest lectures and short bios of our guest speakers.

Speaker: Adam Benson

Topic: Building blocks required to build a software

Time: 5pm-6:30pm

Bio: Adam Benson is a senior engineering manager from BigCommerce, an international ecommerce platform provider with more than 60,000 merchants and having processed >$25B in merchant sales. With over 14 years experience building (and breaking!) web applications, and 7 years building (not breaking!) high-performing teams, Adam has had a diverse career in software engineering. By focusing on people and customers, combined with passion for innovation and techincal prowess, Adam believes organisations can deliver value that delights customers and exceeds their imagination.

Adam is a uniquely technical manager with a passion for architecture and software design especially as it pertains to performance, security, quality and scalability (both operationally and culturally). His tenure at BigCommerce has included both management and staff engineering, where he was responsible for shepherding distributed mission-critical high volume architectures, design & development of reactive event driven systems, and scaling the capacity of a successful, high traffic platform.

Adam is also an enthustic amateur photographer, cook and bartender.

keybase: foxesrun

Email: admin@foxes.run<u></u>

Instagram: foxes__run

Linkedin: https://www.linkedin.com/in/adam-b-502b7021/

Speaker: Mitchell Carter

Topic: Current Job Market in Security Field

Time: 6:30pm-7pm

Bio: Mitchell Carter hunts the good guys that hunt the bad guys. Mitchell has recruited in the Cyber Security industry for over 4 years; almost exclusively in the Australia. Helping companies of all sizes fill technical security roles, Mitchell is passionate about the industry. From Australia’s biggest banks, through to $1bn+ vendors, Mitchell has headhunted and placed a large number of Cyber Security professionals and has become a trusted advisor in the space. Mitchell has presented at some of Australia’s Security Conferences (AISA) as well as regularly speaking to University students giving guidance on how to enter the industry.

Wish to see you all in the lecture. :)

Cheers,

COMP6443/6843

CSP challenge for topic 4

Posted by Jiaojiao Jiang Wednesday 22 July 2020, 08:53:17 PM.

Dear students,

We hope you enjoy solving topic 4 challenges. Please note that we just added a CSP challenge (csp.quoccabank.com ) into the bonus flags . Please check it on OpenLearning .

You may also find some useful hints at https://solutions.quoccabank.com/topic4_hints .

Warm regards,

COMP6443/6843

Topic 4 challenge hints

Posted by Adam Yi Wednesday 22 July 2020, 06:50:04 PM.

As promised earlier, hints for topic 4 challenges are out: https://solutions.quoccabank.com/topic4_hints

It's even clearer and less cryptic (☹) than the topic 3 hints, but I still managed to put in some memes. Hope you'll like it :)

Solutions for topic1-3 challenges and midsem exam

Posted by Adam Yi Monday 20 July 2020, 04:15:21 PM.

Dear students,

You may find the solutions here: https://solutions.quoccabank.com/

Cheers,

adamyi@

Reading material about SOP and CORS headers

Posted by Jiaojiao Jiang Thursday 16 July 2020, 03:24:34 PM.

Dear students,

Please kindly check the following links for more reading materials about SOP and CORS headers:

https://portswigger.net/web-security/cors/access-control-allow-origin

https://www.netsparker.com/whitepaper-same-origin-policy/

Enjoy!

Cheers,

COMP6443/6843

Open-sourcing CTFProxy

Posted by Adam Yi Sunday 12 July 2020, 02:54:27 PM.

Hey all,

We've open-sourced our CTF infrastructure ( https://github.com/adamyi/CTFProxy ). If it looks cool to you, please give it a star on Github!

Feel free to send issues and pull requests. As always, if you found any security issues, dm me on Slack and you'll be added to the hall of fame.

Enjoy :)

Adam

Industry Panel & Presentation Night for the UNSW Web Application Security Course

Posted by Jiaojiao Jiang Monday 06 July 2020, 04:11:16 PM.

Dear all students,

Our industry Panel & Presentation Night for the UNSW Web Application Security course will start at 5pm tonight. Please join via this zoom link https://unsw.zoom.us/j/97960377585 .

Agenda:

• 5:06-5:30: Demo: Tejas Parnerkar, Prospa
• 5:30 - 6:30: Industry Engineering & Security AMA / Round-table Chat
  
  • Tejas Parnerkar, SW Eng, Prospa
  • Bhaskar Shrestha, SW Eng, Prospa
  • Adam Yi, SRE
  • Joshua Murray, Pen tester, CBA
  • David Jorm, Pen testing manager, CBA
  • + tbcs

Cheers,

6443/6843

Hints for Topic 3 Bonus Flags

Posted by Adam Yi Thursday 02 July 2020, 08:10:40 PM.

Hey all,

I've put together some hints for the bonus challenges: https://docs.google.com/document/d/13wsZDpeXLCSl7F_GGrz43iB8r430f7DLL_Nb7BJVoMs/edit#

Enjoy :)

Adam

Due date extension for the first written report

Posted by Jiaojiao Jiang Tuesday 30 June 2020, 04:32:31 PM.

Dear all students,

We are happy to announce that the due date for the first written report has been extended to 11:59pm Wednesday 15 July 2020 (Week 7) .

Wish you enjoy the break in Week 6.

Cheers,

CS6443/6843

Join the lecture on Zoom after Mid-sem exam

Posted by Jiaojiao Jiang Monday 29 June 2020, 05:57:25 PM.

Dear all students,

We hope you did great in the mid-sem exam.

The lecture is now on Zoom. Please join the lecture at https://unsw.zoom.us/j/97960377585 . Looking forward to seeing you there.

Warm regards,

Jiaojiao

Mid-sem exam challenge links released

Posted by Jiaojiao Jiang Monday 29 June 2020, 04:53:53 PM.

Dear students,

The exam challenge links midsem1-5.quoccabank.com are released now (5:00pm), and you may commence the exam now.

You must submit all flags by 6pm. Any flags submitted with a timestamp after 6pm will not be counted towards your mid-semester mark.

Good Luck,

Jiaojiao

MidSem Exam instruction is available

Posted by Jiaojiao Jiang Monday 29 June 2020, 02:13:32 PM.

Dear students,

The mid-sem exam instruction is now available. Please check the instruction at midsem.quoccabank.com.

The exam will start at 5pm and finish by 6pm. Please join zoom meeting lecture after the exam.

If any uncontrollable things happen, please email us at cs6443@cse.unsw.edu.au .

Warm regards,

Jiaojiao

SQLi will NOT be on the mid-semester exam

Posted by Jiaojiao Jiang Saturday 27 June 2020, 08:05:27 PM.

Dear students,

Please note that SQLi will NOT be on the mid-semester exam.

Warm regards,

Jiaojiao

Struggling with topic 3?

Posted by Jiaojiao Jiang Friday 26 June 2020, 03:13:32 PM.

Are you struggling to solve some of the topic 3 challenges? You’re not the only one!!

This graph (collected Thursday morning) shows mostly topic 2 solves and topic 3 solves.

At the moment, the easiest topic 3 challenge is still harder than the hardest topic 2 challenge!!

Based on this data we’ve made the following decisions:

• We have decided that SQLi WILL NOT be on the mid-semester exam.
• Abhi and Varun will dedicated time at the beginning of monday’s lecture giving some advice and tips on the topic 3 injection challenges.
• Pay portal will be modified to return a SQL error which can assist you solve the challenge. We will publish an update on the challenge spec on OL when this has occurred.
• We also give the following advice:
  • We encourage you to check header responses when sending a payload. Some of the flags may be revealed via headers.
  • We encourage you to revise the lecture slides, as some solutions are trivially obtained with payloads similar to those mentioned in challenges.

Remember, you have two weeks to complete topic 3’s challenges, and for all assessment we scale to ensure marks are fair. It is also our intent that challenges added tuesday week 5 will be easier to obtain than those released in week 4.

Best regards,

cs6443@cse.unsw.edu.au

Special Instructions for bigapp (topic 3)

Posted by Adam Yi Wednesday 24 June 2020, 01:42:28 PM.

Dear students,

We've just released a set of special instructions for the bigapp challenge. Specifically, we are using an "Untitled Goose Game" style objective list to award flags.

Check OpenLearning for details.

Cheers,

Adam

Please don't use SQLMap

Posted by Adam Yi Tuesday 23 June 2020, 04:05:50 PM.

A friendly notice that for the benefits of your own learning, sqlmap is banned against QuoccaBank. We have logs and we’ll be sad.

Don't worry if you didn't know this. Just try manual payloads from now on :) You don't learn how SQLi works by using sqlmap.

Finding the challenges hard?

• Don’t worry SQLi is a harder technique
• We’re monitoring progress and can update the credit level if needed, and certainly scale after the fact.
• Lean on your tutors this week to go through some SQL examples and how to test and reason with SQLi
• Try an open source challenge (dvwa, buggyweb app) so you can practice seeing the SQL statement, or just install a SQL db (e.g. MySQL, PostgreSQL) and start playing with it
• One of the ‘w4’ challenges is not SQLi (you can find which one it is by looking at assessment in lecture slides). It’s a topic that we covered this week (you can find which topic it is by looking at the header in challenge list on OL) because we ran over last week.

Zoom link to Monday lecture

Posted by Jiaojiao Jiang Monday 15 June 2020, 05:10:50 PM.

Dear students,

Here is the link to Monday lecture https://unsw.zoom.us/j/97960377585 .

Cheers,

Jiaojiao

Topic 1 Challenge Solution

Posted by Adam Yi Thursday 11 June 2020, 01:09:52 PM.

Dear students,

You may now find sample solution to topic 1 challenges here: https://solutions.quoccabank.com/topic1

Please note that IT IS NOT YET DUE for some late-enrolled students with deadline extension. Please refrain from discussing them in public or sharing this with other students. We are giving you the solution out of our trust to you. Please don't let us down - we'll be sad ☹

If you are one of those students with a deadline extension, you won't be able to access that page (403). If you are unofficial student (not officially enrolled in this course), you'll get a 403 as well. In that case, feel free to email us to be whitelisted for access.

I hope you all enjoyed the challenges. Let me know (email/slack) if you have any feedback on them! If you prefer to provide feedback anonymously, you can fill out https://forms.gle/Xughq7CDN6iSm6CE8

Cheers,

adamyi@

COMP6443 students are welcome to attend Wednesdays 6-7pm COMP6843 lectures

Posted by Jiaojiao Jiang Wednesday 10 June 2020, 05:44:43 PM.

Dear COMP6443 students,

You are welcome to attend COMP6843 lectures Wednesdays 6-7pm. Here is the zoom link https://unsw.zoom.us/j/98695713516 . You can also find the link on OpenLearning.

Cheers,

Jiaojiao

Guest Lecture - tonight

Posted by Jiaojiao Jiang Wednesday 10 June 2020, 05:31:35 PM.

Dear students,

We encourage all COMP6443 and COMP6843 students to attend the guest lecture from Srinivas Cnu tonight. I’m sure you are going to enjoy it.

Here is the zoom link to the guest lecture tonight https://unsw.zoom.us/j/98695713516 .

Cheers,

Jiaojiao

In-class presentation

Posted by Jiaojiao Jiang Tuesday 09 June 2020, 08:52:21 PM.

Dear students,

Welcome to week 2. We hope you enjoyed week 1 lectures & tutorials & teamwork in capturing the flags.

For this course, we encourage students to give weekly in-class presentations from one or two students/groups in the class for about 3-10 minutes on anything cool related to security or web app security, or solutions to a previous topic's challenges. Bonus points may be available for students doing awesome in class presentations. If anyone or group would like to do an in-class presentation, please feel free to email or chat with your tutor.

Best regards,

Jiaojiao

In-class presentation

Posted by Jiaojiao Jiang Tuesday 09 June 2020, 08:52:05 PM.

Dear students,

Welcome to week 2. We hope you enjoyed week 1 lectures & tutorials & teamwork in capturing the flags.

For this course, we encourage students to give weekly in-class presentations from one or two students/groups in the class for about 3-10 minutes on anything cool related to security or web app security, or solutions to a previous topic's challenges. Bonus points may be available for students doing awesome in class presentations. If anyone or group would like to do an in-class presentation, please feel free to email or chat with your tutor.

Best regards,

Jiaojiao

Guest Lecture - Wednesday 6-7pm 10/6/2020

Posted by Jiaojiao Jiang Monday 08 June 2020, 11:24:06 AM.

Dear students,

We are very glad that Srinivas Cnu has agreed to give a guest lecture on Wednesday 6-7pm 10/6/2020! Here is the topic of the guest lecture and a short bio of Srinivas.

Topic discussion finalised: Docker Security.

Bio: Srinivas, who works for a bank as Red Team member is an Offensive Security Certified Professional(OSCP), Offensive Security Certified Expert(OSCE) and passionate about Information Security. He authored a book titled "Hacking Android". He worked as Penetration Tester in the past and has hands-on experience in DevSecOps, Container Security, Web Application Security, Infrastructure Security, Mobile Application Security, IoT Security and Embedded Software Exploit Development (ARM & MIPS). He is one of the authors of FuzzAPI, a REST API vulnerability scanner. He is a speaker at Defcon 26 IoT Village and he delivered several talks and hands-on workshops at regional infosec events in India and Singapore.

Cheers,

Jiaojiao

No lecture today (8/6/2020)

Posted by Jiaojiao Jiang Monday 08 June 2020, 11:20:01 AM.

Dear students,

A kind reminder that there is no lecture today (8/6/2020). Enjoy the holiday.

Cheers,
Jiaojiao

Due date for Week 1 tasks - Sunday 5pm 7/06/2020

Posted by Jiaojiao Jiang Saturday 06 June 2020, 04:24:57 PM.

Dear students,

Here is a kind reminder that the due date for Week 1 tasks is Sunday 5pm 7/06/2020 .

We encourage students to study in groups and seek feedback from your friendly lab tutors and class peers constantly over the semester. Feel free to email us at cs6443@cse.unsw.edu.au if you have any question. You can also post your questions on OpenLearning or Slack. We will get back to you as soon as we can.

Have a good weekend.

Cheers,

Jiaojiao

Setting up your environment

Posted by Adam Yi Sunday 31 May 2020, 04:36:21 PM.

Once you have logged into OpenLearning, please take a look at the Week 0 Getting Started guide (under /content on OL), which will instruct you to authenticate yourself on the course infrastructure and set up some basic tooling that will be used throughout the term. Your tutors will be able to help you if you run into any troubles with it.

Since we are not using WebCMS3, please ask questions on OpenLearning instead. There's also an unofficial #comp6443 channel on SECedu slack ( https://seceduau.slack.com/signup ). You don't have to join it to do the course, but it's a nice way to reach out to your tutors and course staff unofficially. For official matters, please use email only.

Signing into OpenLearning via Moodle

Posted by Jiaojiao Jiang Sunday 31 May 2020, 02:08:57 PM.

Dear students,

Welcome to COMP6443/6843 Web Application Security and Testing!

For this course, we use OpenLearning. You shall sign into OpenLearning (OL) Via Moodle and use Moodle credentials the first time you sign into OL.

If you have any issue, please feel free to contact cs6443@cse.unsw.edu.au or leave comments below.

Wishing you an enjoyable and rewarding course.

Cheers,

Jiao

Welcome to the course!

Posted by Jiaojiao Jiang Sunday 31 May 2020, 02:07:58 PM.

Welcome to Web Application Security and Testing!