Searching for Weak Credentials

Explore how to identify weak credentials by automating login attempts using Python tools such as requests and Selenium. Understand how to send HTTP POST requests for credential verification and develop custom vulnerability scanners to detect common security flaws without relying on CVE databases.

We'll cover the following...

Introduction
Looking for common errors
Exploring an HTML login form
Automating credential stuffing for web pages

Introduction

Vulnerability scanners can work in two different ways. One option is to identify the programs that are running on a system and then look up CVEs for those vulnerabilities. The other option is to search for common vulnerabilities that may exist in an application but don’t have an associated CVE.

We’ll be focusing on this second option. After identifying a vulnerability to exploit, we can craft exploit packets and automate the process of searching for systems that contain the vulnerability. ...

1.Introduction to Scapy

2.Port Scanning with Scapy

3.Developing Custom Vulnerability Scans

4.Creating Servers and Honeypots

Mini Project

5.Conclusion

Searching for Weak Credentials

Introduction