We rely on session identification to manage many aspects of our application use, but an insecure session ID can be a significant security concern. In this video, you’ll learn about browser cookies, session IDs, session hijacking, and header manipulation.
If you have the right information, it may be possible to gain access to a user’s account information without any authentication. In this video, you’ll learn about session hijacking and I’ll demonstrate a live session hijack by gaining access to cookie information and manipulating HTTP headers.
Our browsers are very good at saving “cookies” of information to our hard drive, and these details can often be used against us. In this video, you’ll learn how session information saved in browser cookies can be easily manipulated in packet headers to gain unauthorized access to web applications.