authentication 9

• Lab 09: Brute-forcing a stay-logged-in cookie Dec 20, 2025
• Lab 08: 2FA broken logic Dec 20, 2025
• Lab 07: 2FA simple bypass Dec 20, 2025
• Lab 06: Broken brute-force protection, multiple credentials per request Dec 19, 2025
• Lab 05: Username enumeration via account lock Dec 19, 2025
• Lab 04 : Broken brute-force protection, IP block Dec 19, 2025
• Lab 03: Username enumeration via response timing Dec 19, 2025
• Lab 02: Username enumeration via subtly different responses Dec 19, 2025
• Lab 01 : Username enumeration via different responses Dec 19, 2025