To explore other opportunities to develop my career, I attended another webinar on cybersecurity. Andrzej Dyjak – a security specialist behind bezpiecznykod.pl – presented several types of brute force attacks, including the most important attack according to the DBIR report, i.e. credential stuffing, as well as password guessing and password spraying. The webinar covered the basics and purposes of these attacks.
Because you have to know the potential threats in order to test and secure a web application, Andrzej presented a practical demo of how to perform such attacks on a test application, OWASP Juice Shop. This part of the webinar included the basics of proxy configuration using Burp and performing real-life attacks using the Repeater and Intruder mechanisms included in the software.
The webinar also covered the OWASP Top Ten Web Application Security Risks and other official documents on risks and their prevention.