August 2018
Intermediate to advanced
404 pages
10h 22m
English
Flawed authentication and session management is the second most critical vulnerability in web applications nowadays.
Authentication is the process whereby users prove that they are who they say they are; this is usually done through usernames and passwords. Some common flaws in this area are permissive password policies and security through obscurity (lack of authentication in supposedly hidden resources).
Session management is the handling of session identifiers of logged in users; in web servers, this is done by implementing session cookies and tokens. These identifiers can be implanted, stolen, or hijacked by attackers using social engineering, Cross-Site Scripting, CSRF, and so ...
Read now
Unlock full access