Video Description

In this lesson, participants see a demo of session ID entropy analysis. Mutillidae's security level is set to 1 so that anti-CSRF tokens can be seen. Using the interceptor in Burp Suite, responses are forwarded in order to receive a response containing a CSRF token. The Sequencer allows the live capture of tokens and states a value. During a live capture, about 200 tokens are needed for a strong analysis of the overall quality of randomness.
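To make the idea of measuring token randomness concrete, here is an added example (not part of the lesson, and not Burp Sequencer's actual test suite) that computes per-position Shannon entropy over 200 tokens. Both token samples and all function names are constructed for illustration.

```python
import math
import secrets
from collections import Counter

SAMPLE_SIZE = 200  # the lesson's suggested capture size


def position_entropy(tokens):
    """Shannon entropy in bits of the characters seen at each position."""
    n = len(tokens)
    length = min(len(t) for t in tokens)
    result = []
    for i in range(length):
        counts = Counter(t[i] for t in tokens)
        result.append(-sum((c / n) * math.log2(c / n) for c in counts.values()))
    return result


def summarize(tokens):
    """Summary a reviewer would look at before trusting a token generator."""
    ent = position_entropy(tokens)
    return {
        "samples": len(tokens),
        "unique": len(set(tokens)),
        # Sum of per-position entropies; ignores correlation between
        # positions and between successive tokens, so it is optimistic.
        "total_bits": sum(ent),
        "constant_positions": sum(1 for h in ent if h == 0),
    }


def weak_tokens(n=SAMPLE_SIZE):
    """Constructed weak sample: a fixed value plus an incrementing counter."""
    return [f"{0x5EED0000 + i:016x}" for i in range(n)]


def strong_tokens(n=SAMPLE_SIZE):
    """Constructed strong sample: 64 bits from the OS CSPRNG, hex encoded."""
    return [secrets.token_hex(8) for _ in range(n)]


if __name__ == "__main__":
    for name, sample in (("weak", weak_tokens()), ("strong", strong_tokens())):
        print(name, summarize(sample))
```

The counter-based sample is fully unique yet shows almost no entropy, which is why uniqueness alone says little about token quality.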

Course Modules

Secure Coding