6 under-the-radar resources to master authentication vulnerabilities:

1. OWASP Auth Cheat Sheet
2. SANS ISC
3. NIST Special Publication 800-63B
4. CERT Vulnerability Note Database
5. IETF RFCs on Authentication Protocols
6. OAuth 2.0 Security Best Practices

(thread)

1. OWASP Authentication Cheat Sheet. @owasp 

Go here: https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html

2. SANS Institute Security Resources. I suggest looking at the SANS Internet Storm Center (ISC) @SANSInstitute and search for "authentication"

Go here: https://www.sans.org/security-resources/ and look in the "Free Cybersecurity Resources" section

3. NIST Special Publication 800-63B. @NISTcyber 

Go here: https://pages.nist.gov/800-63-3/sp800-63b.html

4. CERT Vulnerability Note Database @SEI_CMU 

Go here: https://www.kb.cert.org/vuls/search/?q=authentication

5. IETF RFCs on Authentication Protocols. @ietf 

Go here: https://datatracker.ietf.org/doc/search and search for "authentication". 

I suggest starting with the basics: https://datatracker.ietf.org/doc/html/rfc1334

6. OAuth 2.0 Security Best Practices Guide. @oauth_2 

Go here: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics

7. More good stuff to come, so stay tuned, retweet this, and follow me @CristiVlad25 

#pentesting #infosec #cybersecurity #appsec #ethicalhacking