As mentioned previously, I’m doing an online training course – Web Application Penetration Testing – from ELearnSecurity.
Module 8 – Authentication
Module 8 covers Authentication, including the most common authentication mechanisms, their weaknesses and the related attacks.
It covers the following:
- Single-factor Authentication
- Two-factor Authentication
- Credentials over un-encrypted channels
- Inadequate Password Policy
- User Enumeration
- Default accounts
- Remember Me feature
- Password Reset
- Logout weaknesses
- Direct page requests
- Incorrect Redirection