From the course: Security Testing Essential Training


Penetration test techniques

- [Narrator] One of my favorite penetration testing techniques is password spraying. Instead of trying to brute force an application with one username and multiple passwords, you instead use multiple usernames, but only a single password. Why? Well, think about it for a moment. How many applications are going to lock out users after a single failed login attempt? Another way to look at that, how many security professionals would get replaced if they tried to put a policy like that in place? All you need is a password that at least one person is likely to be using today. If you're not sure where to start, try this model. Combine a season, a year, and a special character. For example, Summer2025! Will that password work in a password spraying attack? Chances are it will. It meets all of the most common password complexity requirements. Uppercase letter, lowercase letter, alphanumeric, at least eight characters long, includes a special character. The common password requirements are all…
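Because spraying stays under per-account lockout thresholds, it has to be caught by counting distinct accounts per source instead of failures per account. The following detection sketch is an added example, not part of the course material; the event tuple layout, the thresholds and the sample log lines are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, source address, username, outcome).
# Addresses come from documentation ranges; usernames are made up.
SAMPLE_EVENTS = [
    ("2025-06-02T09:00:01", "198.51.100.7", "alice", "FAIL"),
    ("2025-06-02T09:00:03", "198.51.100.7", "bob", "FAIL"),
    ("2025-06-02T09:00:05", "198.51.100.7", "carol", "FAIL"),
    ("2025-06-02T09:00:07", "198.51.100.7", "dave", "FAIL"),
    ("2025-06-02T09:00:09", "198.51.100.7", "erin", "SUCCESS"),
    ("2025-06-02T09:01:00", "203.0.113.20", "frank", "FAIL"),
    ("2025-06-02T09:01:05", "203.0.113.20", "frank", "FAIL"),
    ("2025-06-02T09:01:09", "203.0.113.20", "frank", "FAIL"),
    ("2025-06-02T09:01:15", "203.0.113.20", "frank", "FAIL"),
]

def find_spraying(events, window=timedelta(minutes=10), min_users=4, max_per_user=2):
    """Return {source: sorted usernames} for sources that look like spraying.

    A source is flagged when, inside one sliding window, it fails logins for at
    least `min_users` distinct accounts while no single account sees more than
    `max_per_user` failures (so per-account lockout never triggers).
    """
    by_source = defaultdict(list)
    for ts, src, user, outcome in events:
        if outcome == "FAIL":
            by_source[src].append((datetime.fromisoformat(ts), user))

    flagged = {}
    for src, fails in by_source.items():
        fails.sort()
        start = 0
        for end in range(len(fails)):
            # Shrink the window from the left until it spans at most `window`.
            while fails[end][0] - fails[start][0] > window:
                start += 1
            counts = defaultdict(int)
            for _, user in fails[start:end + 1]:
                counts[user] += 1
            if len(counts) >= min_users and max(counts.values()) <= max_per_user:
                flagged[src] = sorted(counts)
                break
    return flagged

if __name__ == "__main__":
    for src, users in find_spraying(SAMPLE_EVENTS).items():
        print(f"possible password spraying from {src}: {len(users)} accounts {users}")
```

The second source in the sample data fails four times against one account, which is the classic brute-force shape that lockout already handles, so it is deliberately not flagged here.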
