⌛ Attacking Predictable GUID
Few penetration testers and bug bounty hunters are aware of the different versions of GUIDs and the security issues associated with using the wrong one. In this blog post walk through an account takeover issue from a recent penetration test where GUIDs were used as password reset tokens.
https://www.intruder.io/research/in-guid-we-trust
#web #pentest #guid #account #takeover
Few penetration testers and bug bounty hunters are aware of the different versions of GUIDs and the security issues associated with using the wrong one. In this blog post walk through an account takeover issue from a recent penetration test where GUIDs were used as password reset tokens.
https://www.intruder.io/research/in-guid-we-trust
#web #pentest #guid #account #takeover
www.intruder.io
In GUID We Trust
GUIDs (often called UUIDs) are widely used in modern web applications. However, seemingly very few penetration testers and bug bounty hunters are aware of the different versions of GUIDs and the security issues associated with using the wrong one.
❤🔥4