Featured resource
pluralsight tech forecast
2025 Tech Forecast

Which technologies will dominate in 2025? And what skills do you need to keep up?

Check it out
Hamburger Icon
  • Course
    • Libraries: If you want this course, consider one of these libraries.
    • Security

Specialized Testing: Sessions and Tokens

Most web applications use sessions or tokens to maintain state or to implement authentication – and many can be attacked there. This course will teach you how to test for these kinds of vulnerabilities.

Christian Wenz - Pluralsight course - Specialized Testing: Sessions and Tokens
by Christian Wenz

What you'll learn

Sessions and tokens are often a weak spot in web applications when it comes to security. In this course, Specialized Testing: Sessions and Tokens, you’ll learn to audit an application for vulnerabilities in this area. First, you’ll explore the mechanics of sessions and tokens. Next, you’ll discover different ways to exploit session vulnerabilities. Finally, you’ll learn how to exploit token vulnerabilities. When you’re finished with this course, you’ll have the skills and knowledge of testing for session and token vulnerabilities in web applications needed to audit a web application.

Table of contents

About the author

Christian Wenz - Pluralsight course - Specialized Testing: Sessions and Tokens
Christian Wenz

Christian Wenz is an author, consultant and trainer focusing on web technologies. He wrote or co-wrote over 100 books, is a fixture at international developer conferences since 2001, is a Microsoft Most Valuable Professional (MVP) for ASP.NET, an ASPInsiders member, and main author of the Zend PHP 5.5 certification.

More Courses by Christian