Tag feed

#sessionhijacking

10 posts0 followers

Explore Hashnode

Alternatives

Trending tags this week

NGNiranjan Gblog.securityinsights.ioMay 25 · 6 min read

The Hidden Threat After Login: Understanding Session Hijacking

You did everything right. You turned on multi-factor authentication (MFA). You use strong passwords. Maybe you even switched to passkeys. So how did an attacker still get into your email? The answer i

0

VNVũ Nhật Lâmblog.fiscybersec.comApr 20 · 13 min read

The Underground Access Economy: Storm Infostealer and the Era of Passwordless Attacks

Executive Summary In early 2026, Varonis Threat Labs identified Storm — a new infostealer circulating on underground cybercrime networks for under $1,000 per month. Storm is not simply another commodi

0

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.devApr 12 · 16 min read

Weak Session IDs in DVWA

1 Introduction In this post, the Weak Session IDs vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to work out how the ID is generat

0

SBSaanvi B Karpspoofingattack.hashnode.devDec 21, 2025 · 5 min read

ARP Spoofing and MITM Attacks

Introduction Computer networks work based on trust. Users inside a LAN trust each other to share information between them. One such important protocol is ARP (Address Resolution Protocol), which maintains a mapping of an IP address to the correspondi...

1

N

NRNandhana R s30-days-of-attack.hashnode.devDec 20, 2025 · 4 min read

Day 4: Session Hijacking

Introduction Session hijacking is one of the most practical and misunderstood web attacks. It does not rely on breaking passwords, exploiting cryptography, or abusing server-side vulnerabilities. Instead, it targets the trust relationship established...

0

FMFPT Metrodata Indonesianews.fmisec.comSep 3, 2025 · 3 min read

CitrixBleed 2 (CVE-2025-5777): Critical Out-of-Bounds Read in NetScaler ADC and Gateway

Security researchers have uncovered a high-severity vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway—CVE-2025-5777, nicknamed “CitrixBleed 2.” This flaw allows an unauthenticated attacker to craft a specially malformed HTTP POST req...

0

IAIdo Abramovid0xa.hashnode.devJul 5, 2025 · 3 min read

HackTheBox - Session Security - Skills Assessment Walkthrough

Scenario You are currently participating in a bug bounty program. The only URL in scope is http://minilab.htb.net Attacking end-users through client-side attacks is in scope for this particular bug bounty program. Test account credentials: Email:...

0

MLManya Lambawebsecurity-bymn.hashnode.devDec 19, 2024 · 7 min read

Session Hijacking

Introduction: A Digital Heist in Plain Sight Imagine shopping online, adding items to your cart, and preparing to check out—only to find items you didn’t add. This could mean you’re a victim of session hijacking, where hackers steal your active sessi...

0

KKKshitij Kakadekshitijkakade.hashnode.devApr 1, 2024 · 4 min read

Understanding and Mitigating XSS Attacks in Web Applications

Cross-site scripting (XSS) is a menacing threat to web application security, allowing attackers to inject malicious scripts into websites, potentially leading to data theft, session hijacking, and unauthorized activities. This blog post delves into t...

0

HHaneunhanlee.hashnode.devApr 12, 2023 · 4 min read

Web Hacking: Cookie Tampering, Directory Traversal, Session Hijacking, Authentication Bypass, Brute Force Attack

Web hacking is a common technique used by attackers to exploit vulnerabilities in web applications. In this article, we will explore some common types of web attacks, including cookie tampering, directory traversal, session hijacking, authentication ...

0

#sessionhijacking

Search Hashnode

#sessionhijacking

Explore Hashnode

Trending tags this week

The Hidden Threat After Login: Understanding Session Hijacking

The Underground Access Economy: Storm Infostealer and the Era of Passwordless Attacks

Weak Session IDs in DVWA

ARP Spoofing and MITM Attacks

Day 4: Session Hijacking

CitrixBleed 2 (CVE-2025-5777): Critical Out-of-Bounds Read in NetScaler ADC and Gateway

HackTheBox - Session Security - Skills Assessment Walkthrough

Session Hijacking

Understanding and Mitigating XSS Attacks in Web Applications

Web Hacking: Cookie Tampering, Directory Traversal, Session Hijacking, Authentication Bypass, Brute Force Attack