Sunday, April 7, 2013

Session Security

There is two type of session attacks

  • Session Fixation
  • Session Hijacking


Session Fixation: User tries to attach explicitly and tries to set the session identifier through the URL. This is also called Session Riding because attacker may be able to "ride" on the same session.  Read More.....

Session Hijacking: In this attacker tries to get the session by guess. Read More.....



No comments:

Post a Comment