session hijacking
Session hijacking, also known as session stealing or session sidejacking, is a cyber attack where an unauthorized person intercepts and takes control of an ongoing session between a user and a website or service. This allows the attacker to gain access to the user's sensitive information, such as login credentials or personal data, and potentially pretend to be the legitimate user for malicious purposes.
Requires login.
Related Concepts (17)
- attack vectors
- browser exploit techniques
- browser hijacking
- clickjacking
- cross-site scripting (xss)
- denial of service (dos) attack
- dns spoofing
- html injection
- injection attacks
- malware injection
- man-in-the-middle (mitm) attack
- network protocol exploitation
- packet sniffing
- phishing
- remote code execution
- web application exploitation
- web vulnerabilities
Similar Concepts
- account hijacking
- api session hijacking
- clickjacking attacks
- client impersonation
- control-flow hijacking
- dll hijacking
- server-side request forgery (ssrf)
- server/client impersonation
- session authentication bypass
- session fixation attacks
- session management
- session management vulnerabilities
- tcp/ip hijacking
- token hijacking
- user impersonation