OAuth Vulnerabilities

Описание: This episode continues the BSCP guide. Specifically, we focus on the OAuth framework and we showcase practical vulnerabilities that can be used to perform authentication bypasses.

If you are interested in web security testing, I have prepared a course in which I showcase how to find, exploit and explain 40 security issues.

Practical WAPT course: https://www.udemy.com/course/practica...

Discover and support my work
https://hexdump.sh
  / hexdump  

-------------------------

TIMESTAMP

00:00 Introduction to OAuth
08:17 Lab 1 - OAuth implicit flow
15:11 Lab 2 - OpenID client registration
23:35 Lab 3 - OAuth profile linking
30:01 Lab 4 - Account Hijacking via redirect_uri