Broken 인증 테스트
원문: Broken Authentication Testing
This skill should be used when the user asks to "test for broken authentication vulnerabilities", "assess session management security", "perform credential stuffing tests", "evaluate password policies", "test for session fixation", or "identify authentication bypass flaws". It pr
무엇을 하나요
Broken Authentication Testing Purpose Identify and exploit authentication and session management vulnerabilities in web applications. Broken authentication consistently ranks in the OWASP Top 10 and can lead to account takeover, identity theft, and unauthorized access to sensitive systems. This skill covers testing methodologies for password policies, session handling, multi factor authentication, and credential management. Prerequisites Required Knowledge HTTP protocol and session mechanisms Authentication types (SFA, 2FA, MFA) Cookie and token handling Common authentication frameworks Required Tools Burp Suite Professional or Community Hydra or similar brute force tools Custom wordlists fo…
실행 시 본인 API 키(BYOK)로 동작하며, 모델 비용은 사용자 계정에서 직접 결제됩니다.