ChinmayChoudhury/Nasscom-Infosec-audit-Jcomp

Nasscom-Infosec-audit-Jcomp

bypass_login

This webapp is used to demonstrate bypassing of authentication by reusing a SESSION ID.

Commerce

Demonstrates changing web parameters to reduce the price of items.

serveraction

Demonstrates changing a cookie parameter to authenticate a user as admin.

sessionhijack

A 2FA-based web app which could be manipulated to authorise an attacker as any other user.

secapp

This web app implements mitigation methods to detect session fixation, session hijacking and broken authentication attacks.
