Tradecraft Security WeeklySubscribe

Identifying Weak Session Tokens Using Entropy – Tradecraft Security Weekly #15

Session management in web applications is extremely important in regards to securing user credentials and integrity within the application. Sometimes, session tokens can be predicted, provided the overall randomness is weak. If this is possible, a remote attacker may be able to compromise the session of an authenticated user. In this episode of Tradecraft Security Weekly, Beau Bullock (@dafthack) and Mike Felch (@ustayready) discuss the issues associated with creating session tokens with weak entropy!

LINKS: nVisium Blog OWASP Entropy

[audio src=""]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.