This chapter covers techniques used to bypass and assess session management schemes. Session management schemes are used by applications to keep track of user activity, usually by means of session tokens. Web assessments of session management also involve determining the strength of session tokens used and whether those tokens are properly protected. We will learn how to use Burp to perform such tests.
- Title Page
- Copyright and Credits
- Packt Upsell
- Contributors
- Preface
- Getting Started with Burp Suite
- Getting to Know the Burp Suite of Tools
- Configuring, Spidering, Scanning, and Reporting with Burp
- Assessing Authentication Schemes
- Assessing Authorization Checks
- Assessing Session Management Mechanisms
- Assessing Business Logic
- Evaluating Input Validation Checks
- Attacking the Client
- Working with Burp Macros and Extensions
- Implementing Advanced Topic Attacks
- Other Books You May Enjoy
Introduction
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.