These notes are for learning/educational purposes only. Use them at your own risk. AUTHENTICATION TECHNOLOGIES A wide range of technologies is available for authentication mechanisms: HTML form-based authentication, multifactor mechanisms like […]
This is lesson five of the Web Application Security Testing blog series. In this lesson, you'll learn how data is transmitted from client to server, how client-side controls can be bypassed to capture that data, and how the data can be secured on the client side.
This is lesson four of the Web Application Security Testing blog series. This part of the series covers how a web penetration tester should map the application for further attack. You'll learn how to enumerate content and functionality and map the application's attack surface.
This is lesson three of the Web Application Security Testing blog series. In this lesson, we'll learn the basics of web communication: the HTTP and HTTPS protocols, various HTTP request and response headers, HTTP request methods, and the encoding schemes used during communication.
This is lesson two of the Web Application Security Testing blog series. This lesson introduces the core elements of the defense mechanisms commonly employed by current web applications. It describes how applications handle user input, user access, and attackers.
This is lesson one of the Web Application Security Testing blog series. This lesson introduces the common web applications we use today and the present and future of web security.