Module 11. Session Hijacking

A session hijacking attack exploits a session token-generation mechanism or token security controls, enabling an attacker to establish an unauthorized connection with a target.

Session hijacking can be either active or passive, depending on the degree of involvement of the attacker:

  • Active session hijacking: An attacker finds an active session and takes it over

  • Passive session hijacking: An attacker hijacks a session and, instead of taking it over, monitors and records all the traffic in that session
