Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

User Enumeration via Password Reset Form Timing Differences #151

Closed
adamcaudill opened this Issue Feb 23, 2019 · 0 comments

Comments

Projects
1 participant
@adamcaudill
Copy link
Owner

commented Feb 23, 2019

Add a check for user enumeration using the password reset form, looking at timing differences between valid and invalid users.

This is half of #60

@adamcaudill adamcaudill added this to the v0.7 milestone Feb 23, 2019

@adamcaudill adamcaudill self-assigned this Feb 23, 2019

@adamcaudill adamcaudill added this to To Do in Vulnerability Scanner Overhaul via automation Feb 23, 2019

Vulnerability Scanner Overhaul automation moved this from To Do to Done Mar 11, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.