A Gentle Introduction to Session Hijacking

We all know that Session Hijacking is bad, and that we should protect ourselves and our applications against it. But it's difficult to get easy-to-understand information about what it is, and how to test for it. In this post, I'll first describe the different types of session hijacking, and then I'll provide a walkthrough on how to test for session hijacking using the OWASP Juice Shop and Burp Suite.

Session Hijacking refers to when a malicious user gets access to authentication information, and uses it to impersonate another user or gain...


Published By: The Testing Planet - Saturday, 14 July