Simple play icon Course
Skills

Web App Hacking: Hacking Authentication

by Dawid Czagan

This course helps to understand different types of vulnerabilities in an authentication mechanism. You'll learn how to test web applications for various authentication flaws and how to provide countermeasures for these problems.

What you'll learn

Authentication plays a crucial role in web application security. In this course, Web App Hacking: Hacking Authentication, you’ll learn about different types of vulnerabilities in an authentication mechanism. First, you’ll explore how the attacker can bypass password verification with SQL injection, and how they can learn a user’s password with dictionary attack. Next, you’ll cover how your credentials can be disclosed over an insecure channel when HTTPS is insecurely implemented in the web application. Additionally, you’ll discover how the attacker can impersonate you when the session ID isn't regenerated at the time of authentication, and how the attacker can learn who is registered in the web application. Finally, you’ll dive into industry best practices related to the authentication mechanism. By the end of the course, you'll know how to test web applications for various authentication flaws and how to provide countermeasures for these problems.

About the author

Dawid Czagan is listed among the Top 10 Hackers by HackerOne. He has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, and other companies. Due to the severity of these bugs, he has received numerous awards for his findings. He has delivered security training courses at key industry conferences, such as Hack In The Box, CanSecWest, 44CON, Hack In Paris, DeepSec, BruCON, and for many corporate clients. His students include security specialists from Oracle, Adobe, Red H... more

Ready to upskill? Get started