Additional Resources | David Bombal

Autoplay
Autocomplete

Previous Lesson Complete and Continue

Mastering Authentication Vulnerabilities - The Ultimate Hands-On Course

Introduction

Course Introduction (2:31)

Getting Help

Answering your questions (1:53)

Authentication Vulnerabilities - Technical Deep Dive

Agenda (1:00)
What are Authentication Vulnerabilities? (14:32)
How To Find & Exploit Authentication Vulnerabilities? (8:58)
How To Prevent Authentication Vulnerabilities? (4:18)
Additional Resources (0:45)

Lab Environment Setup

Lab Environment Setup (7:21)
Step-by-Step Guide

Hands-on Authentication Vulnerabilities Labs

Lab #1 Username enumeration via different responses (5:58)
Lab #2 2FA simple bypass (11:42)
Lab #3 Password reset broken logic (13:05)
Lab #4 Username enumeration via subtly different responses (9:19)
Lab #5 Username enumeration via response timing (13:54)
Lab #6 Broken brute-force protection, IP block (14:16)
Lab #7 Username enumeration via account lock (9:37)
Lab #8 2FA broken logic (9:31)
Lab #9 Brute-forcing a stay-logged-in cookie (17:09)
Lab #10 Offline password cracking (11:55)
Lab #11 Password reset poisoning via middleware (8:23)
Lab #12 Password brute-force via password change (25:04)
Lab #13 Broken brute-force protection, multiple credentials per request (16:42)
Lab #14 2FA bypass using a brute-force attack (9:49)

Bonus Lecture

Bonus Lecture

Teach online with

Additional Resources

Lesson content locked

If you're already enrolled, you'll need to login.

Enroll in Course to Unlock