Web App Hacking: Hacking Authentication

This course helps you understand the different types of vulnerabilities found in authentication mechanisms. You'll learn how to test web applications for various authentication flaws and how to provide countermeasures for these problems.
Course info
Rating: (43)
Level: Beginner
Updated: Aug 9, 2017
Duration: 1h 0m
Description

Authentication plays a crucial role in web application security. In this course, Web App Hacking: Hacking Authentication, you’ll learn about different types of vulnerabilities in an authentication mechanism. First, you’ll explore how an attacker can bypass password verification with SQL injection, and how they can learn a user’s password with a dictionary attack. Next, you’ll cover how your credentials can be disclosed over an insecure channel when HTTPS is insecurely implemented in the web application. Additionally, you’ll discover how an attacker can impersonate you when the session ID isn't regenerated at the time of authentication, and how an attacker can learn who is registered in the web application. Finally, you’ll dive into industry best practices related to the authentication mechanism. By the end of the course, you'll know how to test web applications for various authentication flaws and how to provide countermeasures for these problems.

About the author

Dawid Czagan is listed among the Top 10 Hackers by HackerOne. He has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, and other companies. Due to the severity of these bugs, he has received numerous awards for his findings.

Section Introduction Transcripts

Course Overview
Hi everyone. My name is Dawid. Welcome to my course, Web App Hacking: Hacking Authentication. I am a security instructor, researcher, and bug hunter. In this course I will discuss different types of vulnerabilities in authentication mechanisms. You will learn how to test web applications for various authentication flaws and how to provide the countermeasures for these problems. I will show you how the attacker can bypass password verification with SQL injection. I will present how the attacker can learn a user's password with a dictionary attack. I will demonstrate how your credentials can be disclosed over an insecure channel when HTTPS is insecurely implemented in your web application. I will show you how the attacker can impersonate you when the session ID is not regenerated at the time of authentication. I will present how the attacker can learn who is registered in your web application, and I will discuss industry best practices related to authentication mechanisms. By the end of the course you will know how to test web applications for various authentication flaws. You will also learn how to prevent these problems from happening. I hope you will join me on this journey to learn about attacks on authentication with the Web App Hacking: Hacking Authentication course at Pluralsight.

SQL Injection
In this module I will discuss SQL injection. First, I will briefly introduce this attack, and I will show you how the attacker can bypass password verification with SQL injection. You will see that SQL injection is a really powerful attack because it allows the attacker to get unauthorized access to a user's account without knowing the user's password.
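The password bypass this module describes comes from building the login query out of user input. The following is an added example (not code from the course or its author) that puts a vulnerable login beside a hardened one: the first splices the username and password into the SQL text and compares a plaintext password inside the query, so a quote in the username ends the WHERE clause early; the second binds parameters and verifies a salted PBKDF2 hash in application code. The table layout, the account name and the password are constructed sample data.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed sample account (not from the course).
USERNAME = "alice"
PASSWORD = "correct horse"


def pbkdf2(password: str, salt: bytes) -> bytes:
    """Salted, iterated password hash; only the hash is stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    # Legacy design: plaintext password compared inside the SQL statement.
    conn.execute("CREATE TABLE users_plain (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users_plain VALUES (?, ?)", (USERNAME, PASSWORD))
    # Hardened design: salt plus PBKDF2 hash, verified in application code.
    conn.execute(
        "CREATE TABLE users_hashed (username TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)"
    )
    salt = os.urandom(16)
    conn.execute(
        "INSERT INTO users_hashed VALUES (?, ?, ?)", (USERNAME, salt, pbkdf2(PASSWORD, salt))
    )
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Defect: user input is spliced into the SQL text, so a quote in the
    # username changes the structure of the query and the rest of the
    # statement (including the password check) can be commented out.
    query = (
        f"SELECT 1 FROM users_plain WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    return conn.execute(query).fetchone() is not None


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Fix 1: bind the username as a parameter, so it is always data, never SQL.
    row = conn.execute(
        "SELECT salt, pw_hash FROM users_hashed WHERE username = ?", (username,)
    ).fetchone()
    if row is None:
        return False
    salt, stored = row
    # Fix 2: the password never reaches the database; compare hashes in
    # constant time in the application.
    return hmac.compare_digest(pbkdf2(password, salt), stored)


def demo() -> dict:
    """Run both logins with the real credentials and with a username that
    carries a quote and an SQL comment marker."""
    conn = build_db()
    injected_user = "alice' --"  # the '--' turns the rest of the query into a comment
    return {
        "vuln_correct": login_vulnerable(conn, USERNAME, PASSWORD),
        "vuln_injected": login_vulnerable(conn, injected_user, "anything"),
        "safe_correct": login_safe(conn, USERNAME, PASSWORD),
        "safe_injected": login_safe(conn, injected_user, "anything"),
        "safe_wrong_password": login_safe(conn, USERNAME, "wrong"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Running demo() shows the vulnerable login accepting the crafted username with an arbitrary password, while the parameterized version treats the same string as an unknown account. The hash comparison is a separate hardening step from the parameter binding; the injection fix alone already closes the bypass.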

Dictionary Attack
In this module I will discuss the dictionary attack. This attack is about automated password guessing. First, you will learn how this attack works, and then you will learn how to launch a dictionary attack in practice with a tool called Hydra. Finally, the countermeasure for this attack will be discussed.

HTTPS Enforcement
In this module I will discuss HTTPS enforcement. First, I will briefly explain the difference between HTTP and HTTPS. Then I will tell you what HTTPS enforcement is, and why it is such an important subject. Finally, I will show you a demo, and in the demo you will see how a user's credentials can be disclosed over insecure channels when HTTPS enforcement is not implemented in your web application.

Session Regeneration
In this module you will learn about session regeneration. I will show you that secure HTTPS is not enough. You also have to keep secure session management in mind. Security is as strong as the weakest point in the chain, and attackers know about it. When your session ID is not regenerated at the time of authentication, then the attacker can impersonate you, and this is exactly what I will present in this module.
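The weakness this module covers is that a session ID which already existed before login stays valid after login. The following added example (not code from the course or its author) models a server-side session store with an in-memory dictionary and a credential table; both are constructed for the example. It contrasts a login that keeps the pre-authentication ID with one that moves the session to a freshly generated ID and invalidates the old one, so that anyone who knew the earlier ID is left with a session that no longer exists.

```python
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional

# Constructed credential store (not from the course): one account.
CREDENTIALS = {"alice": "correct horse"}


@dataclass
class Session:
    user: Optional[str] = None            # None until the user authenticates
    data: dict = field(default_factory=dict)


class SessionStore:
    """Server-side session table keyed by the ID carried in the cookie."""

    def __init__(self) -> None:
        self._sessions: Dict[str, Session] = {}

    def create(self) -> str:
        """Issue an anonymous session, as a site does on the first request."""
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = Session()
        return sid

    def get(self, sid: str) -> Optional[Session]:
        return self._sessions.get(sid)

    def rotate(self, old_sid: str) -> str:
        """Move the session to a fresh ID and invalidate the old one."""
        session = self._sessions.pop(old_sid)
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = session
        return new_sid


def login_no_regeneration(store: SessionStore, sid: str, username: str, password: str) -> str:
    # Defect: the session keeps the ID it had before authentication, so any
    # party who knew that ID beforehand now holds an authenticated session.
    session = store.get(sid)
    if session is not None and CREDENTIALS.get(username) == password:
        session.user = username
    return sid


def login_with_regeneration(store: SessionStore, sid: str, username: str, password: str) -> str:
    # Fix: on successful authentication issue a new ID, drop the old one and
    # send the new value to the browser as the replacement cookie.
    session = store.get(sid)
    if session is not None and CREDENTIALS.get(username) == password:
        session.user = username
        return store.rotate(sid)
    return sid


def whoami(store: SessionStore, sid: str) -> Optional[str]:
    """The user an ID resolves to, or None if the ID is unknown or anonymous."""
    session = store.get(sid)
    return session.user if session is not None else None


def demo() -> dict:
    """Authenticate with both variants and check what the pre-login ID is
    worth afterwards."""
    vuln_store = SessionStore()
    pre_auth_vuln = vuln_store.create()
    login_no_regeneration(vuln_store, pre_auth_vuln, "alice", "correct horse")

    fixed_store = SessionStore()
    pre_auth_fixed = fixed_store.create()
    new_sid = login_with_regeneration(fixed_store, pre_auth_fixed, "alice", "correct horse")

    return {
        "vuln_old_id_authenticated": whoami(vuln_store, pre_auth_vuln) == "alice",
        "fixed_old_id_authenticated": whoami(fixed_store, pre_auth_fixed) == "alice",
        "fixed_new_id_authenticated": whoami(fixed_store, new_sid) == "alice",
        "fixed_id_changed": new_sid != pre_auth_fixed,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The check that matters is the second result: after the fixed login, the old ID resolves to nothing, so knowing it beforehand gives no access. Web frameworks usually expose this rotation as a single call on the session object; the point is to invoke it on every privilege change, not only on login.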

User Enumeration
In this module I will discuss user enumeration. I will explain how user enumeration works and how to test for user enumeration in an authentication mechanism. What's more, the countermeasure for user enumeration will be discussed, because we don't want the attacker to learn who is registered in our web application.
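A login form leaks who is registered when its failure response depends on whether the account exists. The following added example (not code from the course or its author) shows a login that returns different messages for an unknown user and a wrong password beside one that returns a single generic message and performs the same password hashing work in both cases, so that neither the text nor the response time depends on the account's existence. The user table and the dummy salt are constructed for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


# Constructed user store (not from the course): username -> (salt, hash).
_SALT = os.urandom(16)
USERS = {"alice": (_SALT, _hash("correct horse", _SALT))}

# Salt used for unknown usernames so that the failure path still costs a
# full hash computation and does not return noticeably faster.
DUMMY_SALT = os.urandom(16)


def login_enumerable(username: str, password: str) -> str:
    # Defect: the response text says whether the account exists, so every
    # attempt confirms or rules out a username regardless of the password.
    record = USERS.get(username)
    if record is None:
        return "unknown user"
    salt, stored = record
    if hmac.compare_digest(_hash(password, salt), stored):
        return "ok"
    return "wrong password"


def login_uniform(username: str, password: str) -> str:
    # Fix: one generic message for every failure, and the same expensive hash
    # computation whether or not the account exists.
    salt, stored = USERS.get(username, (DUMMY_SALT, None))
    computed = _hash(password, salt)
    if stored is not None and hmac.compare_digest(computed, stored):
        return "ok"
    return "invalid username or password"


def distinguishable(login) -> bool:
    """True if the login function's failure text differs between an unknown
    account and a known account with a wrong password; this is the check a
    tester runs against the form."""
    return login("nobody", "x") != login("alice", "x")


if __name__ == "__main__":
    print("enumerable login leaks accounts:", distinguishable(login_enumerable))
    print("uniform login leaks accounts:   ", distinguishable(login_uniform))
```

The same rule applies to the other places the course's test would probe: registration and password-reset responses should not confirm an address either, and a status code or redirect that differs between the two failure cases is just as revealing as the message text.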

Industry Best Practices
In this module I will tell you about industry best practices related to authentication mechanisms. I will focus on two subjects: a strong password policy, which is used to prevent users from using weak passwords, and two-factor authentication, which is used to keep your account safe even if your password has been stolen by the attacker.