Web Fundamentals for Cyber Security | Web Authentication! | 0x05 (Animated)

février 8, 2023 Mourad ELGORMA

⭐️ In this episode I cover BASIC, DIGEST, Session and Token based Web Authentication techniques, each with 4 stages of detail, first an explanatory animation, then a quick code along in python, a live demo, and finally a review of the underlying requests made and some bonus content too.Taking you one step towards being the ultimate web hacker in my Web Fundamentals for Cyber Security series!

Join me in my future Web Fundamentals for Cyber Security series! This will be about 20 episodes long, and then the fun begins!
🔗 Playlist Link – https://www.youtube.com/playlist?list=PLwnDE0CN30Q9x3JMsHrRMGoLhpF8vZ1ka

Code: https://github.com/SecAuraYT/WebFund4Cyber

⏱️Timestamps/Steps:
➡️ 00:00 – Intro
➡️ 00:18 – Basic Authentication – Animation
➡️ 00:37 – Basic Authentication – Let’s Code
➡️ 01:37 – Basic Authentication – Live Demo
➡️ 01:50 – Basic Authentication – Request Analysis
➡️ 02:10 – Basic Authentication – BurpSuite Decode

➡️ 02:16 – Digest Authentication – Animation
➡️ 02:44 – Digest Authentication – Let’s Code
➡️ 03:19 – Digest Authentication – Live Demo
➡️ 03:32 – Digest Authentication – Request Analysis

➡️ 03:49 – Session Authentication – Animation
➡️ 04:14 – Session Authentication – Let’s Code
➡️ 05:23 – Session Authentication – Live Demo
➡️ 05:36 – Session Authentication – Request Analysis
➡️ 06:05 – Session Authentication – Cross Site Scripting/XSS review

➡️ 06:38 – TOKEN/Json Web Token(JWT) Authentication – Request Animation
➡️ 07:07 – TOKEN/JWT Authentication – Request Let’s Code
➡️ 07:23 – TOKEN/JWT Authentication – Request Live Demo
➡️ 07:35 – TOKEN/JWT Authentication – JWT Decode/Encode Analysis
– the notebook HTB link: https://www.youtube.com/watch?v=S4FrlMTY0GY
➡️ 08:08 – Outro

For more Cyber security/hacking/pentesting beginner based content, check out the rest of my channel covering:
⭐️Web application security:
🔗Web Fundamentals for Cyber Security Series https://youtube.com/playlist?list=PLwnDE0CN30Q9x3JMsHrRMGoLhpF8vZ1k
🔗HackTheBox | Web/OSWE https://youtube.com/playlist?list=PLwnDE0CN30Q8v96qSSUz2kKjQqvz6aE7k
🔗OSWE « Build and Break it » Guide (Offensive Security Web Expert) https://youtube.com/playlist?list=PLwnDE0CN30Q83Ym58wJdPkbdpTfnv36m9
– SQL injection, Server Side template Injection, XSS, remote code execution/Injection(RCE) XXE(XML Enternal Entity Injection) etc.

⭐️Linux Hacking + Priv esc – https://youtube.com/playlist?list=PLwnDE0CN30Q-WgG8V-VsTCh0RjjeZnnUG
⭐️Windows Hacking + Priv esc- https://youtube.com/playlist?list=PLwnDE0CN30Q9LYDow6QvgsSdIbWxKJ8-A
⭐️Active Directory Hacking – https://youtube.com/playlist?list=PLwnDE0CN30Q-lgjxqE8lqN4MxXY8mIgFy

Credit to https://testdriven.io/blog/web-authentication-methods/ for help with the code aspect.

Views : 442
cyber security

Source by SecAura