Broken Authentication Testing Purpose Identify and exploit authentication and session management vulnerabilities in web applications. Broken authentication consistently ranks in the OWASP Top 10 and can lead to account takeover, identity theft, and unauthorized access to sensitive systems. This skill covers testing methodologies for password policies, session handling, multi-factor authentication, and credential management. Prerequisites Required Knowledge - HTTP protocol and session mechanisms - Authentication types (SFA, 2FA, MFA) - Cookie and token handling - Common authentication framewor…