Visit LEDU token page

How to Attack Session Management and Web Technologies

How to Attack Session Management and Web Technologies

  • English
  • Cybersecurity
  • Ethical HackingEthical Hacking
  • (906)
  • Project length: 1h 58m

In this project we will learn that what are the basics of Web Technologies because before attacking a Webapplication you should have the knowledge of basics that how the request works what are those 200 OK Status codes means etc. Many people doesn't have the knowledge of HTTP Protocols and how it works as well. So we will cover all the basics in this project. After that we will move ahead to Attacking Session Management Issues as well and we will learn that how a application manages a session and how you can look for some loopholes in that.

Overview

Introduction

This tutorial will cover all the details (resources, tools, languages etc) that are necessary to learn basics of web technologies protocols and how the application responds to a request, which headers are included and for which purpose. After that we will learn that what are some issue in the session managements of a website.

What are the requirements?

  • Basics knowledge of Burp Suite and its modules
  • Basics Knowledge about websites like how to submit a request
  • And the most important is: desire to learn

What is the target audience?

  • Those who want to start a career in Bug Bounties.
  • Learners who want to enhance their knowledge
  • Anyone who is interested in learning a new hobby

Project Outline

Session 1: Installing bWAPP

In this session are going to setup bWAPP as our testing environment as bWAPP has some vulnerabilities which we are going to describe in this project

Session 2: Installing DVWA

In this session, we will go ahead with DVWA installation as it has some good vulnerabilities like weak session id etc.

Session 3: What is Request and Response

In this session, we are going to cover some of the basics of the Web apps like what is request and response and what is the work on headers in request and response.

Session 4: HTTP methods

In this session, we are going to learn about different type of HTTP methods, why they are used and the difference between GET and POST in a detailed manner.

Session 5: HTTP Status Codes

In this session, we are going to learn about different type of status codes

Session 6: What are cookie

In this session, we will learn that what is cookies, why they are being used and different attributes that are being used in a cookie.

Session 7: Attacking Session Management

After covering all the basics we will move ahead and learn about attacking session management.

Sesion 7: Attacking Session Management Continued

In this session, we will cover some other methods which you can use to find bugs or flaws in the session management.

Session 7: Attacking Session Management Continued

In this session, we will learn some other techniques of attacking session management and we will wrap up this project as well.

Reviews

Average rating

4(906 Reviews)