Authentication and Authorization Testing with Burp Suite

Focused View

Ricardo Reimao

1:24:19

101 View

1. Course Overview

1. Course Overview.mp4

01:28

2. Assessing Authentication Schemes

1. Understanding Authentication and Authorization.mp4

05:19

2. Username Enumeration.mp4

10:15

3. Password Brute Forcing.mp4

11:08

4. Password Reset Attacks.mp4

02:32

5. Bypassing Authentication.mp4

07:45

6. Cookie Security.mp4

10:19

7. Insecure Account Registration.mp4

08:03

3. Authorization Flaws

1. Weak Session Management and IDORs.mp4

08:58

2. Directory Transversal.mp4

04:36

3. LocalRemote File Inclusions.mp4

06:11

4. Privilege Escalation.mp4

04:37

5. Course Closure.mp4

03:08

Description

Authentication and authorization are some of the most important security mechanisms in a web application, since they control the access to the data. This course will teach you how to test those mechanisms using Burp Suite.

What You'll Learn?

The authentication and authorization mechanisms of a web application are among the most important security features of the tool. They are responsible for allowing access to sensitive pages and data, and any vulnerabilities might lead to unauthorized access or sensitive data leakage. In this course, Authentication and Authorization Testing with Burp Suite, you’ll learn how to assess authentication/authorization mechanisms using Burp Suite. First, you’ll explore how to assess login/registration pages using Burp Suite. Next, you’ll discover some common vulnerabilities in session handling. Finally, you’ll learn how to exploit authorization flaws to gain access to sensitive data. When you’re finished with this course, you’ll have the skills and knowledge of Burp Suite needed to assess the authentication and authorization mechanisms of a web page.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Penetration Testing

Ricardo Reimao

Instructor's Courses

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.