In this video, we cover Lab #5 in the Authentication module of the Web Security Academy. This lab is vulnerable to username enumeration using its response times. To solve the lab, we enumerate a valid username, brute-force this user's password, then access their account page.

- Your credentials: wiener:peter
- Candidate usernames: https://portswigger.net/web-security/...
- Candidate passwords: https://portswigger.net/web-security/...

▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: https://academy.ranakhalil.com/p/web-...

▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
Notes.txt document: https://github.com/rkhal101/Web-Secur...
Web Security Academy Lab Exercise: https://portswigger.net/web-security/...
Rana's Twitter account:   / rana__khalil