Ethical Hacking (part 8.0/20): Session Hijacking concept explained with tools and countermeasures

Maciej Zalwert
9 min read · Aug 25, 2021

Note: The goal is to keep the content fresh and up to date. The latest update is as of 25/08/2021.

Image by Soumil Kumar from Pexels

Note: The knowledge shared here about existing vulnerabilities, tools and countermeasures is intended to help defend against cyber criminals.

Introduction

From the user's perspective, logging in and logging out seem like simple operations. However, a lot is going on in the background. This complexity gives hackers room to lurk in the depths of the process, waiting to hijack your session.

I have bad news: current technology and countless vulnerabilities give hackers many ways to hijack a session, putting everyone in danger of identity theft.

In this article, I will give a general introduction to session hijacking. In separate articles, I will cover the topic in more depth.

This article will cover:

  1. Session Hijacking concept
  2. Tools hackers use for session hijacking
  3. Session Hijacking countermeasures

Session Hijacking concept

What is session hijacking?

From Wikipedia: In computer science, session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid computer session — sometimes also called a session key/token

Maciej Zalwert

Data Scientist with 5+ years of broad-based experience in building data-intensive solutions for diverse industries