We at the Institute of Application Security are interested in the broad spectrum of security and privacy that exist on the application level.
This includes the detection of vulnerabilities in source code or protocols, identification of novel security issues, and the development of procedures and tools to prevent security vulnerabilities.
Our current research focus is on the topics of software security including web application security, honeypots, fuzzing, novel privacy securing measures, the design and evaluation of security relevant protocols.
We hosted a fun CTF for 11th and 12th grade school students at the "Tag der Informatik". Learn how many young security hackers cracked our challenges, here.
Jannik presented his work on the pwntools exploit development framework at the 37C3 together with co-maintainer Arusekk. In the PWNing meetup session they showed off nifty features to save time during rapid exploit prototyping (slides).
Team CyberTaskForce Zero - represented by our colleagues Jannik Hartung, Tobias Jost and Malte Wessels, joined by student Leonard Jari Zurek - weren't afraid of no ghosts when they captured 6th place at The Haxorcist CTF. The Halloween themed competition with 30 attending teams was hosted on October 28th 2023 at the IBM Cyber Garage for Defense in Bonn, Germany by Laokoon SecurITy. Under patronage of Germany's federal data protection officer Ulrich Kelber, all teams were eager to show their hacking skills and proficiency in finding and exploiting vulnerabilities in multiple challenge categories like web applications and cryptography.
After multiple weeks and 27 hacking challenges our colleagues Jannik and Tobias managed to place in the top 20 on the qualifiers scoreboard of the Deutschlands Bester Hacker competition, thus attending the event finals for the second time in a row. More...
Jannik hacked satellites together with the german all-star team "krautsat" at the Hack-A-Sat competition - the first CTF in space! They even took their own photo of the earth.
The TUBS' Magazine published an article (GER) about Alexandra's work on the security and privacy implications for Internet users in times of Russia's ongoing invasion on Ukraine. More...
The end of this semester also marks the end of the first Seclab hosted at IAS. We celebrated the successful Praktikum by hosting a BBQ party and creating the Seclab Hall of Fame. If you enjoyed the Seclab and want more challenging tasks: Check out the Hacklab next semester!
The IAS and IBR institutes hosted the "2nd Cybersecurity Meetup Braunschweig" with 50 participants from academia and industry. more…
During her visit in Wien Alex attended the workshop 'Re-valuing European Research Infrastructures". Together with Sebastian Giessler they presented their work-in-progress about integrating Ethical Reviewing in CS Research more…
The second iteration of our Hacklab course was a great success! It's been a challenge and we are proud of your achievements! more...
Malte Wessels, IAS masters' graduate Benjamin Altpeter, and Lorenz Sieben gave their talk "Trackers in mobile apps and their legality—A look at the mobile tracking landscape" at FireShonks. more…
We are thrilled to announce that Marius Musch has successfully defended his dissertation and is now our institute’s first doctor. more...
For the following year our colleague Alexandra Dirksen is an ICFP fellow! In collaboration with OTF and CensoredPlanet she will take a closer look into the global Web PKI landscape during this time. more...
We are attending this years Annual Computer Security Applications Conference (ACSAC) to present our paper: "Accept All Exploits: Exploring the Security Impact of Cookie Banners".
A new member has joined our institute - we welcome Malte Wessels to our team!
The first iteration of our Hacklab was a success! Congratulations to all participants who hacked their way through a variety of fields such as web, reverse engineering and vehicle networking!
Marius Musch and Robin Kirchner will present our work on “Server-Side Browsers: Exploring the Web’s Hidden Attack Surface” at this year's Asia CCS conference in May!