Checkmarx Named a Leader in The Forrester Wave: SAST

Session Hijacking

Session Hijacking is the exploitation of the web session control mechanism, where the hacker exploits vulnerable connections and steals HTTP cookies to gain unauthorized access to sensitive information/data stored in web servers. This kind of attack, also known as Cookie Hijacking or TCP Session Hijacking, can be performed in many kinds of ways.

Besides using the ever-popular Cross-Site Scripting (XSS), hackers can also use session sniffing, man-in-the-middle (MITM) and man-in-the-browser techniques.

Read More


Jump to Category