Skip to content
This repository has been archived by the owner on Jan 26, 2021. It is now read-only.

A naive demo on how to stop a credential stuffing attack.

License

Notifications You must be signed in to change notification settings

zrosenbauer/demo-ato-series

Repository files navigation

DISCLAIMER

The code in this repo could be used to run credential stuffing (and other ATO) attacks. The code is super simple and there are a number of tools out there that would do a better job than my late-night hacked codez. This repo is NOT meant to be malicious in any manner, quite the opposite. I want to show security and non-security folks how easy it is to run an ATO attack with existing developer tools (I also show you how to stop this attack).

Introduction

This repo exists as apart of a blog series: Answering the "What", "Why" and "How" of Account Takeover. This series describes the anatomy of Account Takeover attacks and how to stop these attacks, before you end up in the news!

Need Help? - Try Precognitive

You can use the (or a) version of the naive demo to stop attacks but if you want to do more than just stop the simplest of credential stuffing attacks you should take a look at Precognitive. We've spent the last 3+ years building a platform that not only stops all types of credential stuffing but also utilizes behavioral analytics, native device integrations, and data modeling to stop multiple Account Takeover attack vectors.

Do you want to learn more? Feel free to email me directly.

Credits

Hackathon-Starter for an awesome boilerplate I can use to test my hacking skills 😄

About

A naive demo on how to stop a credential stuffing attack.

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

No releases published

Sponsor this project

Packages

No packages published