
Web Application Penetration Testing: Session Management Testing

Duration

2h 1m

Level

Intermediate

Course Creator

Clark Voss

Last Updated

22-Feb-24

Learn what to look for when penetration testing session management using OWASP principles, including brute-forcing, taking advantage of session fixation, and finding weak spots in incorrectly implemented POST and GET requests.


Poorly implemented session management can allow an attacker to exploit weak controls and gain access to sensitive information. In Web Application Penetration Testing: Session Management Testing, you’ll learn how to find those vulnerabilities before the bad guys do. First, you’ll explore cookies, what to look for during a pen test, and how you can brute-force your way past the login prompt. Next, you’ll learn how easy it can be to hijack someone else’s session with session fixation. Finally, you’ll discover what session puzzling is and how to leverage it as an attacker. When you’re finished with this course, you’ll have a solid understanding of what to look for while penetration testing session management.
Author Name: Clark Voss
Author Description:
Clark has over 17 years of experience in all facets of information technology, from Desktop Support, Network Administration, System Administration, Software Quality Control, and Software generation. Now Clark is focusing his efforts on Information Security. Clark has received his Offensive Security Certified Professional (OSCP) certification. He is currently part of the uTest.com security team and is part of Synack.com’s red team, participating in finding security vulnerabilities in everything f…

Table of Contents

  • Course Overview
    1min
  • Course Introduction
    2mins
  • Testing for Bypassing Session Management Schema
    29mins
  • Testing for Cookie Attributes
    16mins
  • Testing for Session Fixation
    7mins
  • Testing for Exposed Session Variables
    16mins
  • Testing for Cross-site Request Forgery
    8mins
  • Testing for Logout Functionality
    8mins
  • Testing Session Timeout
    10mins
  • Testing Session Puzzling
    11mins
  • Course Wrap-up
    6mins
