Website Security Testing training – Module 6

Website Security Testing training – Module 6

As mentioned previously, I’m doing an online training course – Web Application Penetration Testing – from ELearnSecurity.

Module 6 – Session Security & Attacks

Module 6 covers the use of the Session Identifier, various methods of Session Hijacking and also how it can be prevented.

It covers the following:

Weaknesses of the Session Identifier
Session Hijacking via XSS
Session Hijacking through Packet Sniffing
Session Hijacking through access to Web Server
Session Fixation attack
Cross Site Request Forgeries (aka CSRF and XSRF)
Preventing CSRF

Pat Walsh2017-01-10T21:25:31+00:00September 30th, 2014|Categories: Penetration Testing, Security Testing, Website Security Testing training, Website Testing|Tags: Cross Site Request Forgeries, CSRF, Session Fixation attack, Session Hijacking, Session Hijacking through Packet Sniffing, Session Hijacking through web server access, Session Hijacking through XSS, Weaknesses of Session Identifier, website security testing, Website Security Testing training - module 6, XSRF Injection|