O'Reilly logo

Web Penetration Testing with Kali Linux by Aamir Lakhani, Joseph Muniz

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 5. Attacking Authentication

Authentication is the act of confirming the trust of one's identity. This might involve confirming the identity of a person, program, or hardware, such as verifying Joseph Muniz is a government employee, as well as his laptop is issued by the government agency. As a Penetration Tester, it is valuable to be able to gain the trust of a system and bypass security as an authorized entity.

The Certified Information Systems Security Professional (CISSP) curriculum classifies authentication based on three factor types, as follows:

  • Something you know, such as a PIN or password
  • Something you have, such as a smart card
  • Something you are, such as a fingerprint

The most common method by which people confirm their identity is ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required