Authorization and Authentication can be confusing. In this video we look at their differences, and then focus on valid and invalid authorization bugs.
advertisement: this video was commissioned by the Google Vulnerablity Rewards Program for their site [ Ссылка ]
watch all BHU videos here: [ Ссылка ]-
00:00 - Intro
00:33 - Authentication vs. Authentication
02:04 - Complex Systems with Permissions and Roles
02:42 - Example #1: Permission Complexity
04:16 - "Fixes" for Authorization Bugs
04:48 - Roles vs. Permissions
05:53 - What are Authorization Bugs?
06:52 - Example #2: Confusing Invalid Auth "Bugs"
08:22 - Summary
-=[ ❤️ Support ]=-
→ per Video: [ Ссылка ]
→ per Month: [ Ссылка ]
-=[ 🐕 Social ]=-
→ Twitter: [ Ссылка ]
→ Instagram: [ Ссылка ]
→ Blog: [ Ссылка ]
→ Subreddit: [ Ссылка ]
→ Facebook: [ Ссылка ]
