Authorization: Basic base64(username:password)
HTTP basic authentication is particularly vulnerable to session-related exploits, notably CSRF, against which it offers no protection on its own.
Disclaimer: As an Amazon Associate, I earn from qualifying purchases. This helps support this GitBook project at no extra cost to you.
The Web Application Hacker’s Handbookarrow-up-right The go-to manual for web app pentesters. Covers XSS, SQLi, logic flaws, and more
Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilitiesarrow-up-right Learn how to perform reconnaissance on a target, how to identify vulnerabilities, and how to exploit them
Real-World Bug Hunting: A Field Guide to Web Hackingarrow-up-right Learn about the most common types of bugs like cross-site scripting, insecure direct object references, and server-side request forgery.
Last updated 8 months ago
