Attacks & Threats
Session Hijacking
Also known as: TCP session hijacking, Cookie session hijacking
Definition
An attack that takes over a victim's authenticated session by stealing or forging the session identifier, so that the attacker can act as that user without ever knowing the user's credentials.
Examples
- An XSS payload exfiltrates a logged-in user's session cookie to the attacker, who pastes it into their browser to impersonate the victim.
- Malware on a workstation steals an OAuth refresh token, granting persistent access to a SaaS application.
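The two examples above both succeed because a session identifier, once obtained, is accepted as proof of identity. The following server-side session store is an added illustration written for this page, not code from any project the page describes: it rotates the identifier on login (so an identifier planted before authentication is worthless), binds each session to the client's User-Agent string (so a stolen identifier replayed from a different client is rejected and the session is revoked), expires idle sessions, and emits a Set-Cookie header with HttpOnly, Secure and SameSite so a script running in the page cannot read the cookie and it is never sent in clear text. The clock parameter, the User-Agent binding and the class names are assumptions made for the example.

```python
import hashlib
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# Idle timeout in seconds; an assumed value chosen for the example.
SESSION_TTL = 30 * 60


@dataclass
class Session:
    user: Optional[str]      # None until the client authenticates
    client_fp: str           # sha256 of the client's User-Agent, set at login
    created: float
    last_seen: float


def _fingerprint(user_agent: str) -> str:
    # Hash rather than store the raw header; the value is only ever compared.
    return hashlib.sha256(user_agent.encode("utf-8")).hexdigest()


class SessionStore:
    """In-memory session store; the clock is injectable so expiry is testable."""

    def __init__(self, now: Callable[[], float] = time.time) -> None:
        self._now = now
        self._sessions: Dict[str, Session] = {}

    def create(self, user_agent: str) -> str:
        # 256 bits from the CSPRNG: identifiers must be unguessable.
        sid = secrets.token_urlsafe(32)
        t = self._now()
        self._sessions[sid] = Session(None, _fingerprint(user_agent), t, t)
        return sid

    def login(self, sid: str, user: str, user_agent: str) -> str:
        # Rotate the identifier on privilege change. Whatever identifier the
        # client held before authentication (possibly one planted by an
        # attacker, i.e. session fixation) is discarded here.
        self._sessions.pop(sid, None)
        new_sid = secrets.token_urlsafe(32)
        t = self._now()
        self._sessions[new_sid] = Session(user, _fingerprint(user_agent), t, t)
        return new_sid

    def lookup(self, sid: str, user_agent: str) -> Optional[Session]:
        """Resolve a presented identifier; returns None if it is not valid."""
        s = self._sessions.get(sid)
        if s is None:
            return None
        now = self._now()
        if now - s.last_seen > SESSION_TTL:
            # Idle too long: drop it so a late-replayed identifier is useless.
            del self._sessions[sid]
            return None
        if s.client_fp != _fingerprint(user_agent):
            # Same identifier, different client: treat as hijack, revoke the
            # session so neither the victim nor the thief can keep using it.
            del self._sessions[sid]
            return None
        s.last_seen = now
        return s

    def logout(self, sid: str) -> None:
        self._sessions.pop(sid, None)


def set_cookie_header(sid: str) -> str:
    # HttpOnly: not readable by document.cookie, so an XSS payload cannot
    # exfiltrate it. Secure: only sent over TLS, so it is not exposed to a
    # man-in-the-middle on plain HTTP. SameSite=Lax: not attached to most
    # cross-site requests.
    return (f"session={sid}; Path=/; HttpOnly; Secure; SameSite=Lax; "
            f"Max-Age={SESSION_TTL}")


if __name__ == "__main__":
    ua = "Mozilla/5.0 (example client)"   # constructed sample value
    store = SessionStore()
    anon = store.create(ua)
    sid = store.login(anon, "alice", ua)
    print("rotated on login:", anon != sid)
    print(set_cookie_header(sid))
    print("replay from other client accepted:",
          store.lookup(sid, "curl/8.0 (example)") is not None)
```

The User-Agent binding is deliberately coarse: it catches the case on this page (a cookie pasted into a different browser) without breaking users whose IP address changes, and a mismatch revokes rather than merely denies, so the legitimate user is forced to re-authenticate and the event can be logged as a likely theft.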
Related terms
Cookie Hijacking
Theft and reuse of a user's HTTP cookies — typically session or authentication cookies — to impersonate that user against a web application.
Cookie Poisoning
An attack that modifies the contents of HTTP cookies before they are sent back to a web application, in order to alter trust, identity, or business logic decisions.
Cross-Site Scripting (XSS)
A web vulnerability that allows attackers to inject malicious scripts into pages viewed by other users, executing in the victim's browser under the site's origin.
Session Management
Session Management — definition coming soon.
Session Fixation
Session Fixation — definition coming soon.
Man-in-the-Middle Attack
An attack in which an adversary secretly relays or alters communications between two parties who believe they are talking directly to each other.