[Web Exploitation]
<aside> 💡 Authentication - Verifying someone’s identity, that they are who they say they are.
</aside>
<aside> 💡 Authorization - What authenticated users CAN and CANNOT do (levels of access)
</aside>
<aside> 💡 Fuzzing - Automated process of testing elements of an application to give some vulnerability or valuable info.
</aside>
With Burp Suite -
Intercepting the login form of the website, and passing dummy data to test it.
Sending the username/password data to Intruder and clearing parameters.
Adding parameters to bruteforce password and adding a list of possible passwords.
Starting the Attack
Questions :-
questions are easy but Sniper Attack Type works instead of ClusterBomb.