Search Results

web

Session Management DVWA

Log in to DVWA (admin/password). Session IDs have 4 levels (low, medium, high, impossible). We will first inspect the low one, so set the level to low. Low: This script is very basic and insecure, because the session ID is created in plaintext and uses the most common...


Attacking & Securing Session Management

I am writing this based on OWASP and the book “The Web Application Hacker’s Handbook”: https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html. Introduction: The HTTP protocol is essentially stateless. It is based on a simple request-response...


Web Application Tools

List of known tools that can help with your web application testing. Proxy: Burp Suite - Integrated platform for performing security testing of web applications. Extensions: Freddy the Serial(isation) Killer - detecting and exploiting serialisation libraries/APIs....
