Sorry I couldn't find more challenges but I'll share some interesting write ups .
This a longer challenge, maybe it's going to take some time, but strive to get the answers.
You'll find the OWASP Juice Shop app in tryhackme. We'll only be doing the authentication challenge, the sections that you have to do are:
Link: Juice Shop
Link: PicoCTF 2018
There is a new concept here. Sometimes some sites or web apps use JWT web token to auhthenticate users, but if is not implemented the correct way the login or authentication process becomes very insecure.
Let's first learn what is JWT here: introduction
No let's see common vulnerabilities:
Now that we know the theoretical part let's see the practical.
That's all for now, authentication is a very vast topic and there are a lot of technologies to discover, but for now that will be enough, if you keep playing CTFs and reading write ups you'll get to the next level. Let's go to the next section.