If the application you are attacking uses this kind of defensive measure, you
may find that probing the application for many kinds of common vulnerability
is extremely time-consuming, and the mind-numbing need to log in after each
failed test and renavigate to the point of the application you were looking at
quickly leads you to give up.
In this situation, you can often use automation to tackle the problem. When using Burp Intruder to perform an attack, you can use the Obtain Cookie feature to perform a fresh login before sending each test case, and use the new session token (provided that the login is single-stage). When browsing and probing the application manually, you can use the extensibility features of Burp Proxy via the IBurpExtender interface. You can create an extension which