OWASP Top 10: A07:2021-Identification & Authentication Failures
OWASP 2022
| Intermediate
- 14 Videos | 1h 18m 22s
- Includes Assessment
- Earns a Badge
Hardening user and device authentication can go a long way in securing web applications. In this course, learn the difference between authentication and authorization and how they relate to web application security. Next, explore how to hash and encrypt user credentials and harden user accounts through Microsoft Group Policy, then practice using freely available tools to crack user credentials in various ways, including the Hydra tool, Burp Suite, and John the Ripper. Finally, learn how to enable user multi-factor authentication and conditional access policies, as well as how to mitigate weak authentication. Upon completion, you'll be able to recognize how to discover and mitigate authentication vulnerabilities using various tools.
WHAT YOU WILL LEARN
- discover the key concepts covered in this course
- differentiate between authentication and authorization
- recognize how weak authentication configurations can lead to system compromise
- hash user credentials
- encrypt user credentials
- analyze plain text credential transmissions using Wireshark
- deploy password policies to harden user authentication settings using Microsoft Group Policy
- crack web form passwords using the Hydra tool
- crack web form passwords using Burp Suite
- crack RDP passwords using Hydra
- crack Linux passwords using John the Ripper
- steal user credentials using the Social-Engineer Toolkit (SET)
- enable multi-factor authentication for a Microsoft Azure cloud user account
- summarize the key concepts covered in this course
IN THIS COURSE
- 1. Course Overview (59s)
- 2. Authentication and Authorization (6m 34s)
- 3. Broken Authentication Attacks (5m 48s)
- 4. Hashing Credentials (6m 15s)
- 5. Encrypting Credentials over the Network (6m 41s)
- 6. Analyzing Plain Text Transmissions Using Wireshark (6m 24s)
- 7. Deploying Password Policies Using Group Policy (4m 51s)
- 8. Cracking Web Form Passwords with Hydra (9m 13s)
- 9. Cracking Web Form Passwords with Burp Suite (4m 42s)
- 10. Cracking RDP Passwords with Hydra (5m 58s)
- 11. Cracking Linux User Account Passwords (6m 33s)
- 12. Stealing Credentials Using Deception (5m 59s)
- 13. Enabling User Multi-factor Authentication (7m 16s)
- 14. Course Summary (1m 10s)
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.