> ## Documentation Index
> Fetch the complete documentation index at: https://rootea.es/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication Vulnerabilities

> Recursos cross-platform para Authentication Vulnerabilities: máquinas HTB, labs PortSwigger y rooms TryHackMe curados, con writeups validados y skills relacionadas.

# Authentication Vulnerabilities

Esta página agrega los **recursos para practicar Authentication Vulnerabilities** de forma cross-platform: máquinas retiradas de Hack The Box, labs de PortSwigger Web Security Academy y rooms de TryHackMe, más recursos curados (HackTricks, PortSwigger, etc.) y skills relacionadas.

## Recursos curados

| Fuente      | Enlace                                                                                                     |
| ----------- | ---------------------------------------------------------------------------------------------------------- |
| PortSwigger | [https://portswigger.net/web-security/authentication](https://portswigger.net/web-security/authentication) |

## Máquinas HTB que practican Authentication Vulnerabilities (4)

| Máquina                                            | SO      | Dificultad                                           |
| -------------------------------------------------- | ------- | ---------------------------------------------------- |
| [Cache](/htb/machines/linux/medio/cache)           | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Epsilon](/htb/machines/linux/medio/epsilon)       | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Helpline](/htb/machines/windows/dificil/helpline) | Windows | <span className="dbadge dbadge-hard">HARD</span>     |
| [NodeBlog](/htb/machines/linux/facil/nodeblog)     | Linux   | <span className="dbadge dbadge-easy">EASY</span>     |

## Labs PortSwigger que practican Authentication Vulnerabilities (27)

| Lab                                                                                                                                                                                      | Dificultad                                                 | Topic                          | Oficial                                                                                                                                         |
| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------- |
| [2FA bypass using a brute-force attack](/portswigger/labs/authentication/multi-factor-2fa-bypass-using-a-brute-force-attack)                                                             | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/multi-factor/lab-2fa-bypass-using-a-brute-force-attack)                             |
| [2FA simple bypass](/portswigger/labs/authentication/multi-factor-2fa-simple-bypass)                                                                                                     | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/multi-factor/lab-2fa-simple-bypass)                                                 |
| [Authentication bypass via information disclosure](/portswigger/labs/information-disclosure/exploiting-infoleak-authentication-bypass)                                                   | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Information Disclosure         | [Abrir](https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-authentication-bypass)                              |
| [Authentication bypass via OAuth implicit flow](/portswigger/labs/oauth/oauth-authentication-bypass-via-oauth-implicit-flow)                                                             | <span className="dbadge dbadge-easy">APPRENTICE</span>     | OAuth Authentication           | [Abrir](https://portswigger.net/web-security/oauth/lab-oauth-authentication-bypass-via-oauth-implicit-flow)                                     |
| [Broken brute-force protection, multiple credentials per request](/portswigger/labs/authentication/password-based-broken-brute-force-protection-multiple-credentials-per-request)        | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/password-based/lab-broken-brute-force-protection-multiple-credentials-per-request)  |
| [Host header authentication bypass](/portswigger/labs/host-header/exploiting-host-header-authentication-bypass)                                                                          | <span className="dbadge dbadge-easy">APPRENTICE</span>     | HTTP Host Header Attacks       | [Abrir](https://portswigger.net/web-security/host-header/exploiting/lab-host-header-authentication-bypass)                                      |
| [JWT authentication bypass via algorithm confusion](/portswigger/labs/jwt/algorithm-confusion-jwt-authentication-bypass-via-algorithm-confusion)                                         | <span className="dbadge dbadge-easy">APPRENTICE</span>     | JWT (JSON Web Tokens)          | [Abrir](https://portswigger.net/web-security/jwt/algorithm-confusion/lab-jwt-authentication-bypass-via-algorithm-confusion)                     |
| [JWT authentication bypass via algorithm confusion with no exposed key](/portswigger/labs/jwt/algorithm-confusion-jwt-authentication-bypass-via-algorithm-confusion-with-no-exposed-key) | <span className="dbadge dbadge-easy">APPRENTICE</span>     | JWT (JSON Web Tokens)          | [Abrir](https://portswigger.net/web-security/jwt/algorithm-confusion/lab-jwt-authentication-bypass-via-algorithm-confusion-with-no-exposed-key) |
| [JWT authentication bypass via flawed signature verification](/portswigger/labs/jwt/jwt-authentication-bypass-via-flawed-signature-verification)                                         | <span className="dbadge dbadge-easy">APPRENTICE</span>     | JWT (JSON Web Tokens)          | [Abrir](https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-flawed-signature-verification)                               |
| [JWT authentication bypass via unverified signature](/portswigger/labs/jwt/jwt-authentication-bypass-via-unverified-signature)                                                           | <span className="dbadge dbadge-easy">APPRENTICE</span>     | JWT (JSON Web Tokens)          | [Abrir](https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-unverified-signature)                                        |
| [Password reset broken logic](/portswigger/labs/authentication/other-mechanisms-password-reset-broken-logic)                                                                             | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/other-mechanisms/lab-password-reset-broken-logic)                                   |
| [Username enumeration via different responses](/portswigger/labs/authentication/password-based-username-enumeration-via-different-responses)                                             | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/password-based/lab-username-enumeration-via-different-responses)                    |
| [2FA broken logic](/portswigger/labs/authentication/multi-factor-2fa-broken-logic)                                                                                                       | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/multi-factor/lab-2fa-broken-logic)                                                  |
| [Authentication bypass via encryption oracle](/portswigger/labs/logic-flaws/examples-logic-flaws-authentication-bypass-via-encryption-oracle)                                            | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Business Logic Vulnerabilities | [Abrir](https://portswigger.net/web-security/logic-flaws/examples/lab-logic-flaws-authentication-bypass-via-encryption-oracle)                  |
| [Authentication bypass via flawed state machine](/portswigger/labs/logic-flaws/examples-logic-flaws-authentication-bypass-via-flawed-state-machine)                                      | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Business Logic Vulnerabilities | [Abrir](https://portswigger.net/web-security/logic-flaws/examples/lab-logic-flaws-authentication-bypass-via-flawed-state-machine)               |
| [Broken brute-force protection, IP block](/portswigger/labs/authentication/password-based-broken-bruteforce-protection-ip-block)                                                         | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/password-based/lab-broken-bruteforce-protection-ip-block)                           |
| [Brute-forcing a stay-logged-in cookie](/portswigger/labs/authentication/other-mechanisms-brute-forcing-a-stay-logged-in-cookie)                                                         | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/other-mechanisms/lab-brute-forcing-a-stay-logged-in-cookie)                         |
| [JWT authentication bypass via jku header injection](/portswigger/labs/jwt/jwt-authentication-bypass-via-jku-header-injection)                                                           | <span className="dbadge dbadge-medium">PRACTITIONER</span> | JWT (JSON Web Tokens)          | [Abrir](https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-jku-header-injection)                                        |
| [JWT authentication bypass via jwk header injection](/portswigger/labs/jwt/jwt-authentication-bypass-via-jwk-header-injection)                                                           | <span className="dbadge dbadge-medium">PRACTITIONER</span> | JWT (JSON Web Tokens)          | [Abrir](https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-jwk-header-injection)                                        |
| [JWT authentication bypass via kid header path traversal](/portswigger/labs/jwt/jwt-authentication-bypass-via-kid-header-path-traversal)                                                 | <span className="dbadge dbadge-medium">PRACTITIONER</span> | JWT (JSON Web Tokens)          | [Abrir](https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-kid-header-path-traversal)                                   |
| [JWT authentication bypass via weak signing key](/portswigger/labs/jwt/jwt-authentication-bypass-via-weak-signing-key)                                                                   | <span className="dbadge dbadge-medium">PRACTITIONER</span> | JWT (JSON Web Tokens)          | [Abrir](https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-weak-signing-key)                                            |
| [Offline password cracking](/portswigger/labs/authentication/other-mechanisms-offline-password-cracking)                                                                                 | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/other-mechanisms/lab-offline-password-cracking)                                     |
| [Password brute-force via password change](/portswigger/labs/authentication/other-mechanisms-password-brute-force-via-password-change)                                                   | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/other-mechanisms/lab-password-brute-force-via-password-change)                      |
| [Password reset poisoning via middleware](/portswigger/labs/authentication/other-mechanisms-password-reset-poisoning-via-middleware)                                                     | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/other-mechanisms/lab-password-reset-poisoning-via-middleware)                       |
| [Username enumeration via account lock](/portswigger/labs/authentication/password-based-username-enumeration-via-account-lock)                                                           | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/password-based/lab-username-enumeration-via-account-lock)                           |
| [Username enumeration via response timing](/portswigger/labs/authentication/password-based-username-enumeration-via-response-timing)                                                     | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/password-based/lab-username-enumeration-via-response-timing)                        |
| [Username enumeration via subtly different responses](/portswigger/labs/authentication/password-based-username-enumeration-via-subtly-different-responses)                               | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Authentication Vulnerabilities | [Abrir](https://portswigger.net/web-security/authentication/password-based/lab-username-enumeration-via-subtly-different-responses)             |

## Rooms TryHackMe que practican Authentication Vulnerabilities (2)

| Room                                                           | Dificultad                                       | Tipo        | Acceso  | Oficial                                                  |
| -------------------------------------------------------------- | ------------------------------------------------ | ----------- | ------- | -------------------------------------------------------- |
| [Advent of Cyber 3 (2021)](/tryhackme/rooms/adventofcyber3)    | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Abrir](https://tryhackme.com/room/adventofcyber3)       |
| [Authentication Bypass](/tryhackme/rooms/authenticationbypass) | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🔵 VIP  | [Abrir](https://tryhackme.com/room/authenticationbypass) |

***

← [Volver al glosario completo](/glosario)

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"DefinedTerm","name":"Authentication Vulnerabilities","termCode":"authentication","inLanguage":"es","url":"https://rootea.es/skills/authentication","inDefinedTermSet":{"@type":"DefinedTermSet","name":"Glosario táctico de pentesting","url":"https://rootea.es/glosario"}}`}
</script>

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"ItemList","name":"Máquinas HTB que practican Authentication Vulnerabilities","numberOfItems":4,"itemListElement":[{"@type":"ListItem","position":1,"url":"https://rootea.es/htb/machines/linux/medio/cache","name":"Cache"},{"@type":"ListItem","position":2,"url":"https://rootea.es/htb/machines/linux/medio/epsilon","name":"Epsilon"},{"@type":"ListItem","position":3,"url":"https://rootea.es/htb/machines/windows/dificil/helpline","name":"Helpline"},{"@type":"ListItem","position":4,"url":"https://rootea.es/htb/machines/linux/facil/nodeblog","name":"NodeBlog"}]}`}
</script>

*Última actualización: 2026-06-07*
