The following technical report is available from http://aib.informatik.rwth-aachen.de/: Maximillian Dornseif, Felix C. Gärtner, Thorsten Holz, Martin Mink An Offensive Approach to Teaching Information Security: "Aachen Summer School Applied IT Security" AIB 2005-02 Abstract: There is a general consensus that courses on data security at university degree level should be research-oriented and teach fundamentals of the field, i.e., items of long-term knowledge in contrast to technology-oriented system knowledge. Unfortunately, this consensus often results in courses that are either too theoretical or are outdated with respect to current developments in security technology. To understand the importance of information security, students should have the possibility to gain practical experience how security systems fail, using offensive techniques. In this article, we give an overview over a three-week intensive course on applied computer security we held at RWTH Aachen university. It brought together students from various countries and with different previous knowledge. We describe in detail the course outline, course contents and the lessons learned.