Specialized Testing: Sessions and Tokens
Most web applications use sessions or tokens to maintain state or to implement authentication – and many can be attacked there. This course will teach you how to test for these kinds of vulnerabilities.
Sessions and tokens are often a weak spot in web applications when it comes to security. In this course, Specialized Testing: Sessions and Tokens, you’ll learn to audit an application for vulnerabilities in this area. First, you’ll explore the mechanics of sessions and tokens. Next, you’ll discover different ways to exploit session vulnerabilities. Finally, you’ll learn how to exploit token vulnerabilities. When you’re finished with this course, you’ll have the skills and knowledge of testing for session and token vulnerabilities in web applications needed to audit a web application.
Author Name: Christian Wenz
Author Description:
Christian Wenz is an architect, consultant and author focusing on web technologies. He wrote or co-wrote over 100 books, is a fixture at international developer conferences since 2001, is a Microsoft Most Valuable Professional (MVP) for Developer Technologies since 2004, and the main author of the official Zend PHP certification. His day job includes conducting security audits, migrating old code bases, implementing complex web applications and helping companies choose the right web strategy an… more
Table of Contents
- Course Overview
1min - Session and Token Fundamentals
13mins - Testing for Session Vulnerabilities
26mins - Testing for Token Vulnerabilities
14mins
There are no reviews yet.