Authentication

Master exploiting authentication mechanisms through real-world scenarios, covering enumeration and brute force, session management, OAuth, MFA/2FA and JWT vulnerabilities. This module will focus on understanding and mitigating critical vulnerabilities in authentication systems. We will first learn enumeration and brute forcing authentication mechanisms, followed by exploring session management and various attacks that can be performed against insecure implementations. We will cover a range of topics, including JSON Web Tokens (JWT), OAuth vulnerabilities covering missing state parameters, token stealing and many more. Finally, we will explore the significance of MFA/2FA in adding layers of security and exploiting them. All the rooms are equipped with realistic scenarios to practically allow you to explore and address various vulnerabilities.