Svitla Smart Talk. Vulnerabilities in web projects: Identification and Authentication Failures


Web applications are one of the most popular targets of cyberattacks. Recent data shows that 17% of attacks were successful due to security holes and vulnerabilities in web apps. Infected websites are used by cybercriminals for a wide range of nefarious activities, such as virus distribution, data theft, information implanting, fraud, and even internal network penetration. Don’t believe us? Here are some other scary facts:

  • Web application attacks are involved in 26% of all breaches, making them the second most common attack pattern.
  • An analysis of 7 million websites found that, on average, web apps experience 94 attacks per day.
  • Estimates show that over 12.8 million websites are infected with malware worldwide.

In our latest Svitla Smart Talk, Sviat Login talks about the many vulnerabilities inside web projects as well as some of the best practices for dealing with identification and authentication failures. Some of the session’s key points will include:

  • Brute force attacks
  • Session hijacking
  • HttpOnly and Secure flags
  • Rainbow table
  • Protection recommendations

Sviat will also demo and offer practical advice for:

  • RainbowCrack + hashcat
  • Burp Suite + Hydra

We hope to see you there!

Speaker
Sviat Login is the head of QA at EVO with more than 8 years of overall testing experience and over 5 years in testing for web vulnerabilities.