0x5t4l1n/hunting
1
0
Fork 0
mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 19:36:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
copilot/add-owasp-top-10-directory
hunting/OWASP-Top-10/A07-Identification-Authentication-Failures/README.md
T
copilot-swe-agent[bot] ab9c127df3 Add comprehensive OWASP Top 10 directory structure with injection payloads 
Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
2026-01-04 18:24:32 +00:00

664 B
Raw Permalink Blame History

A07 - Identification and Authentication Failures

Description

Previously known as Broken Authentication, this category includes failures related to user identity, authentication, and session management. This can allow attackers to compromise passwords, keys, or session tokens, or exploit implementation flaws to assume other users' identities.

Common Vulnerabilities

  • Weak password requirements
  • Credential stuffing
  • Broken session management
  • Missing multi-factor authentication
  • Insecure password recovery
  • Session fixation

Testing Approach

Test authentication mechanisms, session handling, password policies, and account recovery processes.

Reference in New Issue View Git Blame Copy Permalink