00 — Overview

Broken Authentication

Weak login flows, no rate limiting, insecure password resets — learn how authentication systems fail and how to find and exploit those failures.

Intermediate·50 min·8 tasks

// By the end of this module

→Identify broken authentication patterns: weak credentials, no lockout

→Exploit username enumeration to target valid accounts

→Perform credential brute force against login forms with Hydra

→Bypass authentication using parameter manipulation and default accounts

// Prerequisites

Foundation · Beginner

35 min