Learn how you can perform web application penetration testing on a website’s Identity Management, Authentication and Authorization mechanism and help organizations view their security posture before a malicious hacker exploits them.
Hackers are getting access to your sensitive data by exploiting web application vulnerabilities. In this course, Penetration Testing of Identity, Authentication and Authorization Mechanism, you will gain the ability to perform web application pentesting. First, you will learn Identity Management. Next, you will discover how to crack a websites' Authentication. Finally, you will explore how to bypass Authorization mechanism. When you’re finished with this course, you will have the skills and knowledge of web application penetration testing needed to perform different attack scenarios.
Prasad is an Application Security Consultant with primary focus on providing services across the Secure Development Life cycle, Application Security and Penetration Testing spectrum. He is a part time bug bounty hunter.
Course Overview (Music) Hi everyone. My name is Prasad Salvi, and welcome to my course, Penetration Testing of Identity, Authentication, and Authorization Mechanism. I'm an application security consultant and penetration tester at a large payment processing company. Did you know that many pen testers today are only focusing on very high level test cases while performing security testing? This course is designed to expand your knowledge beyond focusing on well-known attack techniques. We will be attacking web applications through a hands-on approach using Burp Suite as a pen testing tool of choice. Some of the major topics that we will cover include identity management testing, cracking authentication, and bypassing authorization checks. By the end of this course, you will know how to perform all these techniques at a comfortable and efficient level to better perform your job as a pen tester. Before beginning the course, you should be familiar with client server architecture, security testing basics, and Burp Suite proxy. I hope you'll join me on this journey to learn how to be a great web app pen tester, with Penetration Testing of Identity, Authentication, and Authorization Mechanism course, at Pluralsight.