Testing for bypassing authentication schemes

Applications may contain flaws, allowing unauthorized access by means of bypassing the authentication measures in place. Bypassing techniques include a direct page request (that is, forced browsing), parameter modification, session ID prediction, and SQL Injection.

For the purposes of this recipe, we will use parameter modification.

Get Burp Suite Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.