CEH Practical Guide

⌘Ctrlk

Module 11. Session Hijacking

A session hijacking attack refers to the exploitation of a session token-generation mechanism or token security controls that enables an attacker to establish an unauthorized connection with a target

Session hijacking can be either active or passive, depending on the degree of involvement of the attacker:

Active session hijacking: An attacker finds an active session and takes it over
Passive session hijacking: An attacker hijacks a session, and, instead of taking over, monitors and records all the traffic in that session

Previous2. Detect and Protect DOS and DDOS attacks Next1. Perform Session Hijacking

Last updated 1 year ago