WEB APPLICATION SECURITY TESTING – 7. ATTACKING SESSION MANAGEMENT

This notes is for learning/educational purpose only. Use it at your own risks.  THE NEED FOR STATE Session management enables application to identify a given user over number of different requests. It is fundamental security component and also a prime target for attackers. With session management attacks, a user can masquerade as another user or…