O'Reilly logo

Burp Suite Cookbook by Sunny Wear

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Introduction

This chapter covers the basic penetration testing of authentication schemes. Authentication is the act of verifying whether a person or object claim is true. Web penetration testers must make key assessments to determine the strength of a target application's authentication scheme. Such tests include launching attacks, to determine the presence of account enumeration and guessable accounts, the presence of weak lock-out mechanisms, whether the application scheme can be bypassed, whether the application contains browser-caching weaknesses, and whether accounts can be provisioned without authentication via a REST API call. You will learn how to use Burp to perform such tests.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required