Video Description

In this lab-based lesson, participants receive a lab and corresponding solution about specifically exploiting fields in a web page. In this lesson, the instructor uses insecure direct object references to manipulate price points on an online shopping site. Using the input field code, the instructor turns on the inceptor function in Burp Suite to capture a request to change parameters. This demonstrates how easy it is to make a change and get users to click on it, capturing their data.

Course Modules

Secure Coding