Tutorial on how to test for Broken Authentication using Acunetix WVS tools
Submitted by Robert Abela on January 15, 2009 – 5:12 pmOne Comment
Broken authentication is the 7th in the OWASP top 10 web application vulnerabilities. It is a security problem that is prevalent in many web applications, especially custom ones or those written in-house. Sandro just published a tutorial showing how to identify these security issues and attack vulnerable web applications for educational purposes. To automate much of the process, Sandro makes use of Acunetix WVS HTTP Sniffer and the HTTP Fuzzer instead of writing custom tools to do this.
Click here for High Resoultion Version
[...] There are also other useful tools such as the HTTP Fuzzer and Sniffer which are good for examining HTTP traffic in detail and especially for exposing weak authentication schemes. [...]