YoVDO

Web Application Session Strength

Offered By: Black Hat via YouTube

Course Description

Overview

Explore web application security in this Black Hat USA 2004 conference talk focusing on session strength. Delve into various aspects of session management, including session states, tokens, and potential threats. Examine key spaces, password security, and session attacks. Learn about token creation, dynamic tokens, and user number tokens. Investigate the "Lucky Monkey" concept and its values. Analyze HTTP requests, confidentiality, and encoding techniques. Gain insights into session management best practices, phase space analysis, and key management. Discover how different web servers and programming languages like PHP and Java handle session tokens and cookies. Understand the importance of session expiration and modeling user behavior. Conclude with a comprehensive overview of data security in web applications.

Syllabus

Intro
Not like Syntax Errors
Windows XP
Session State
Session Tokens
What are the threats
Key spaces
Passwords
Session Attacks
Token Creation
Dynamic Token
User Number
Token
Lucky Monkey
Lucky Monkey Values
PEPSI
HTTP Request
Confidentiality
Encoding
Session Management
Summary
Phase Space Analysis
Key Management
Web Servers
PHP
Java
Session Tokens and Cookies
Session Expiration
Model User Behavior
Data Security
Quick Summary


Taught by

Black Hat
