Search Results


Session Management DVWA

Log in to DVWA admin/password, Session IDs have 4 levels (low, medium, high, impossible) We will first inspect the low one. So, set the level to low Low This script is very basic and unsecure, due to the session ID is created in plaintext and uses the most common...

read more

Attacking & Securing Session Management

I am writing this based on OWASP and the book “The Web Application Hacker’s Handbook”. Introduction The HTTP protocol is essentially stateless. It is based on a simple request-response...

read more