In this lesson, participants receive a demo of session ID entropy analysis. Mutillidae is used with its security level set to 1 so that anti-CSRF tokens can be seen. Using the interceptor in Burp Suite, responses are forwarded in order to receive a response containing a CSRF token. The Sequencer allows the live capture of tokens and states a value. During a live capture, about 200 tokens are needed for a strong analysis to view the overall quality of randomness.
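To make the idea of token randomness analysis concrete, the following added example (not part of the lesson and not Burp Sequencer's algorithm) computes a simplified per-character Shannon entropy estimate over 200 tokens. The function names and both sample token generators are constructed for illustration.

```python
import math
import secrets
from collections import Counter

SAMPLE_SIZE = 200  # the lesson's figure for a strong analysis


def position_entropy(tokens):
    """Shannon entropy in bits of the characters observed at each position."""
    length = len(tokens[0])
    if any(len(t) != length for t in tokens):
        raise ValueError("tokens must share one length for per-position analysis")
    n = len(tokens)
    per_pos = []
    for i in range(length):
        counts = Counter(t[i] for t in tokens)
        per_pos.append(-sum(c / n * math.log2(c / n) for c in counts.values()))
    return per_pos


def summarize(tokens, alphabet_size=16):
    """Report the entropy estimate, weak positions and repeated tokens."""
    per_pos = position_entropy(tokens)
    max_per_pos = math.log2(alphabet_size)
    return {
        "estimated_bits": sum(per_pos),
        "max_bits": max_per_pos * len(per_pos),
        # Positions carrying under 75% of the possible entropy are flagged.
        "weak_positions": [i for i, h in enumerate(per_pos) if h < 0.75 * max_per_pos],
        "duplicates": len(tokens) - len(set(tokens)),
    }


def counter_tokens(n, start=0x5F3A9C00):
    """Constructed weak sample: a 128-bit hex token that is just a counter."""
    return [f"{start + i:032x}" for i in range(n)]


def csprng_tokens(n):
    """Constructed strong sample: 128-bit tokens from the OS CSPRNG."""
    return [secrets.token_hex(16) for _ in range(n)]


if __name__ == "__main__":
    for name, gen in (("counter", counter_tokens), ("csprng", csprng_tokens)):
        print(name, summarize(gen(SAMPLE_SIZE)))
```

A high score only shows that the sample looks uniform at each position; it does not prove the generator is unpredictable.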