A4 and A2: Broken Applications

OWASP    |    Intermediate
  • 13 Videos | 1h 6m 11s
  • Includes Assessment
  • Earns a Badge
Likes 43 Likes 43
OWASP Top 10 list items 4 and 2 involve applications with broken access controls and broken authentication and session management.

WHAT YOU WILL LEARN

  • explain what Broken Access Control is
    how Broken Access Control can be exploited and what kind of access is needed to exploit it
    how easy it is to detect Broken Access Control and how common they are
    the technical and business impacts of Broken Access Control
    provide examples of Broken Access Control attacks
    guess URLs and parameters to gain access to web pages and data
    explain what Broken Authentication and Session Management is
  • how Broken Authentication and Session Management can be exploited and what kind of access is needed to exploit it
    how easy it is to detect Broken Authentication and Session Management and how common they are
    the technical and business impacts of Broken Authentication and Session Management
    provide examples of Broken Authentication and Session Management attacks
    retrieve sensitive data through password reset pages
    what an attacker can access if they exploit A4 or A2

IN THIS COURSE

  • Playable
    1. 
    A4 - Broken Access Control
    5m 36s
    UP NEXT
  • Playable
    2. 
    A4 - Broken Access Control Exploits
    8m 9s
  • Locked
    3. 
    A4 - Broken Access Control Detection
    5m 22s
    FREE ACCESS
  • Locked
    4. 
    A4 - Broken Access Control Impacts
    4m 44s
    FREE ACCESS
  • Locked
    5. 
    A4 - Broken Access Control Attacks
    7m 33s
    FREE ACCESS
  • Locked
    6. 
    A4 - Use Forced Browsing to Access Data
    2m 2s
    FREE ACCESS
  • Locked
    7. 
    A2 - Broken Authentication and Session Management
    4m 4s
    FREE ACCESS
  • Locked
    8. 
    A2 - Session Management Exploits
    5m 10s
    FREE ACCESS
  • Locked
    9. 
    A2 - Session Management Vulnerability Detection
    5m 47s
    FREE ACCESS
  • Locked
    10. 
    A2 -Session Management Impacts
    4m 7s
    FREE ACCESS
  • Locked
    11. 
    A2 - Session Management Attacks
    5m 17s
    FREE ACCESS
  • Locked
    12. 
    A2 - Exploit Password Reset Pages
    2m 42s
    FREE ACCESS
  • Locked
    13. 
    Exercise: What Can An Attacker Do With A4 and A2
    5m 38s
    FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

COURSE Microsoft Azure Security Technologies Bootcamp: Session 1 Replay
Likes 1 Likes 1  
COURSE Authentication and Authorization with AWS Identity and Access Management
Likes 1 Likes 1  
COURSE Introduction to AWS Organizations
Likes 1 Likes 1  

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

COURSE SOLID & GRASP
Likes 3218 Likes 3218  
COURSE Certified Secure Software Lifecycle Professional (CSSLP) 2019: Core Concepts
Likes 318 Likes 318  
COURSE A7 and A6: Leaky and Unprepared Applications
Likes 67 Likes 67