I really regret taking this course. It is poorly organized, outdated, and the content lacks interest. If I knew then what I know now, I would never have taken it.

The course is divided into two parts, VSSD and LBS, and it feels like you are taking two completely different courses.

VSSD consists mainly of weekly capture-the-flag exercises with write-ups. While these can be interesting, they are extremely time-consuming and are barely valued in the final evaluation.

LBS was a complete waste of time. The theoretical classes were terrible; it was very hard to focus or understand anything being...

Interesting course, worth it if you're interested in security. But I wouldnt say it's a must take.

So to give some context SSof is divided in 2. VSSD and LBS. They have different theoretical classes and labs and each have a "main" teacher

Vssd

• Each week there were Capture the flag exercises to do, they were fun and you learn about common software vulnerabilities but really time consuming. You had to do a write up for each exercise and later ones were harder to find the solution. So you end up spending a whole day each week on just these exercises (unless you cheat which I wouldn't...

I didn’t love this course, but it was definitely not the worst course I’ve taken during my degree. The course is divided into two main parts: LBS, taught by Professor Ana Almeida Mato, and VSSDs, taught by Professor Pedro Adão.

Overall, the structure makes sense, but the experience really depends on which part of the course you’re focusing on.

Theoretical Classes

The theoretical classes are quite important to understand both the weekly challenges and the lab classes. Without attending them, it would be much harder to follow what’s going on. That said, Professor Ana Mato is extremely...

Good course, with a lot of material to study from and really engaged professors. Keep in mind that it has multiple weekly graded lab challenges (based on exploiting a vulnerability to get a hidden flag), a big project, an obligatory exam and the biggest project practical test I've had for any course so far.

Half of the lab classes are exercises on paper, the other half is help for the lab challenges. As for the exercises on paper, a lot of exercises are too long, making them confusing and leading to many of the exercises not being solved during class. Thankfully they provided recorded...

There are 2 parts of this course: VSSD with professor Adão and LBS with professor Ana. Adão explains concepts very well and the VSSD labs are CTF style problems for students to apply their teachings hands-on with a real objective and tangible results. Ana on the other hand is not very eloquent and has difficulty speaking in front of a room of students and the LBS labs are mostly pen and paper problems.

I can certainly say that Adão was one of the best professors with some of the most fascinating course material of the Master's degree so far where as Ana's part was thoroughly lacking.

Each week you had one theoretical class for LBS and one for VSSD, and the same for labs. So basically, you had two completely different courses running at the same time.

VSSD labs were like CTFs with a scoreboard — the only part I actually enjoyed. LBS labs were just exam-style exercises.

Professors

Professor Ana Matos makes LBS painful.

Professor Miguel Pupo Correia gave the VSSD lectures. Not good, not bad, just meh.

Exam

The LBS part of the exam is the same style as the...

Contents

The first part was all about learning common vulnerabilities and how to exploit them (SQLi, XSS, Race Conditions, Buffer Overflow…) with Professor Pedro Adão. If you're into that kind of stuff, it's super interesting.

The second half (midway through the semester) was focused on studying information flow policies (e.g., Perl taint mode) and other similar mechanisms (like dynamic flow analysis in JavaScript).

It’s a complete context switch from the first half — it’s all about stuff like WHILE annotations, big-step/small-step...