
GLOSSARY

Session Hijacking

Session hijacking is a cyberattack in which an attacker takes control of a user’s web session by exploiting the web session control mechanism. A session hijacking attack is also known as TCP session hijacking. The attack compromises the web session by stealing or predicting a valid session token, which gives the attacker unauthorized access to the web server. The most common methods through which a session token can be compromised include predictable session tokens, session sniffing, client-side attacks, man-in-the-middle attacks, and man-in-the-browser attacks.
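The sketch below is an added example, not part of the original glossary entry. It shows server-side session handling that addresses several of the methods listed above. The `SessionStore` class, the `sid` cookie name, and the 900-second lifetime are assumptions chosen for illustration.

```python
import secrets
import time
from http.cookies import SimpleCookie

SESSION_TTL = 900  # seconds; constructed value for this example


class SessionStore:
    """In-memory session store (hypothetical names, for illustration only)."""

    def __init__(self):
        self._sessions = {}

    def create(self, user, now=None):
        now = time.time() if now is None else now
        # Predictable tokens: draw 256 bits from the OS CSPRNG instead of
        # counters, timestamps, or a non-cryptographic PRNG.
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"user": user, "expires": now + SESSION_TTL}
        return token

    def lookup(self, token, now=None):
        now = time.time() if now is None else now
        entry = self._sessions.get(token)
        if entry is None:
            return None
        if entry["expires"] <= now:
            # A stolen token is only useful until it expires server-side.
            del self._sessions[token]
            return None
        return entry["user"]

    def rotate(self, old_token, now=None):
        """Issue a fresh token (e.g. at login); the old one stops working."""
        user = self.lookup(old_token, now)
        if user is None:
            return None
        del self._sessions[old_token]
        return self.create(user, now)


def session_cookie(token):
    """Build the Set-Cookie value with attributes that limit token exposure."""
    c = SimpleCookie()
    c["sid"] = token
    c["sid"]["secure"] = True    # sniffing / man-in-the-middle: TLS only
    c["sid"]["httponly"] = True  # client-side attacks: hidden from page script
    c["sid"]["samesite"] = "Lax"
    c["sid"]["path"] = "/"
    c["sid"]["max-age"] = SESSION_TTL
    return c["sid"].OutputString()
```

Man-in-the-browser attacks operate inside the victim's own browser, so cookie attributes alone do not stop them; short lifetimes and token rotation only narrow the window in which a captured token is valid.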
