A Deliberately Insecure Web Application
-
Updated
Jan 9, 2020 - PHP
A Deliberately Insecure Web Application
Session Hijacking Visual Exploitation
PHP Cookie Stealing Scripts for use in XSS
MySQLSessionHandler Class (PHP 7.1)
Demonstrating exploitation of missing HTTP cookie flags
Performing TCP/IP exploits such as SYN Flooding, TCP RST attack on SSH and TLS connections, session hijacking, and revershell attacks
Powershell scripts for scanning ASP.NET apps
Demo tool for hijacking TCP sessions
XSS cookie stealer using a simple php script.
Python server captures inbound HTTP connections along with its respective cookies
Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat.
A tiny flask app for helping pentesters and bug hunters in XSS, Session Hijacking, Session Riding and Cookie Thieve.
Notes & misc taken from Complete Ethical Hacking Bootcamp 2021: ZTM(ARCHIVED) and EC-Council's CodeRed
Limit the number of open sessions per users
KerioMaker (VPN Provider) Session Hijacker and upload to third-party site, You can convert this script into an executable file and send it to your target
This repository contains a comprehensive analysis of the PandaBanker malware. The analysis includes examining various techniques employed by the malware such as API Hooking, Process Hijacking, and Memory Dumping. The investigation also involves practical steps using various tools to understand the malware's behavior and persistence mechanisms.
Add a description, image, and links to the session-hijacking topic page so that developers can more easily learn about it.
To associate your repository with the session-hijacking topic, visit your repo's landing page and select "manage topics."