In this video, learn about session hijacking.
- [Instructor] Cookies are often used for web application authentication. After a user logs into a system, the web server provides a cookie, so that the user doesn't need to continuously log into the system every time he or she requests a new webpage. Presenting the cookie with each request causes the web server to reference the earlier successful login. One major flaw with some web applications is that they don't use random cookies. Instead, they use a guessable value. Let's go ahead and take a look at an example.
Once again, we'll turn to the WebGoat application security demonstration tool and the Zap web proxy. This time, we're using a simple web application that asks for a user name and a password and has a login button. I have two accounts that I know exist on this server, and I'm going to go ahead and start the Zap application proxy, and tell it to intercept the login request. I go back to the application. The first time I'll log on with the WebGoat account, and click the login button.
Zap intercepts that request,…
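The contrast between guessable and random cookie values described in the transcript, as an added example that is not part of the course or of WebGoat: a small audit that a developer can run over session IDs issued by their own application in a test environment. The function names, the starting counter value and the 128-bit threshold are assumptions made for this illustration.

```python
import math
import secrets
from itertools import count

MIN_BITS = 128  # assumed audit threshold for this example

_next_id = count(65432)  # constructed starting value


def weak_session_id() -> str:
    """Guessable: each login gets the previous value plus one."""
    return str(next(_next_id))


def strong_session_id() -> str:
    """Unpredictable: 32 bytes from the OS CSPRNG, base64url-encoded."""
    return secrets.token_urlsafe(32)


def audit_session_ids(ids: list[str]) -> list[str]:
    """Flag signs of predictability in IDs listed in the order they were issued."""
    if not ids:
        return []
    findings = []
    if len(set(ids)) != len(ids):
        findings.append("duplicate")
    if all(i.isdigit() for i in ids):
        alphabet = 10
        nums = [int(i) for i in ids]
        steps = {b - a for a, b in zip(nums, nums[1:])}
        if len(steps) == 1:  # every ID differs from the last by the same amount
            findings.append("constant-increment")
    elif all(c in "0123456789abcdefABCDEF" for i in ids for c in i):
        alphabet = 16
    else:
        alphabet = 64
    # Upper bound on the bits an ID of this length and alphabet can carry.
    max_bits = min(len(i) for i in ids) * math.log2(alphabet)
    if max_bits < MIN_BITS:
        findings.append("low-entropy")
    return findings


if __name__ == "__main__":
    print(audit_session_ids([weak_session_id() for _ in range(5)]))
    print(audit_session_ids([strong_session_id() for _ in range(5)]))
```

The length check is only an upper bound: a long ID can still be predictable if it is derived from a counter or timestamp, so the generator itself should draw from a cryptographically secure source as `strong_session_id` does.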
- Comparing viruses, worms, and Trojans
- Backdoors and logic bombs
- Understanding the attacker
- Attack types: from denial of service to brute force attacks
- Preventing insider threats
- Wireless attacks
- Understanding cross-site scripting
- Preventing SQL injection
- Social engineering
- Scanning for vulnerabilities
- Penetration testing
- Assessing the impact of vulnerabilities
Skill Level Beginner