Overview
This course teaches learners how to use the Httpillage tool to distribute HTTP(s) based attacks across multiple nodes, similar to a traditional botnet C&C server. The learning outcomes include understanding how to launch common attacks like online password brute-force, denial of service, and application enumeration across multiple nodes to increase speed and effectiveness. The course covers topics such as Username Enumeration, Dictionary Attacks, Denial of Service, and Password Reset. The teaching method includes live demonstrations and practical scenarios. This course is intended for penetration testers, security professionals, and individuals interested in enhancing their understanding of distributed attacks in application security testing.
Syllabus
Intro
Penetration Tester vs Vulnerability Assessment
HTTP Pillage
Username Enumeration
Live Demo
Edit Job
Response Flag
Dictionary
Squiggly Bracket
Status codes
Spinning up another node
Thread count
Result
Local hosting
Search tip
verbose error message
Increasing exploitability
Expired tokens
Django envy
Forgot password mechanism
Character sets
Password reset
Weak tokens
Denial of service
Outro
Taught by
LASCON