
Cookie Manipulation and Session Hijacking - Be The H.A.C.R. - Ep - 08

Welcome back to the eighth episode of the Be The H.A.C.R. series.

Links from the video:
HTS Basic 10: https://www.hackthissite.org/missions/basic/10/
OWASP HttpOnly: https://owasp.org/www-community/HttpOnly
Edit This Cookie (Chrome extension): https://chrome.google.com/webstore/detail/editthiscookie/fngmhnnpilhplaeedifhccceomclgfbg?hl=en
Hackerone Report: https://hackerone.com/reports/745324
HackingSimplified Subreddit Link: https://www.reddit.com/r/HackingSimplified/

Key Takeaways:
1. Sessions identify a user on a web app.
2. Cookies are strings that are crucial to session management.
3. Importing someone else's cookies bypasses all the defenses the web app applies at login time, so one can impersonate the victim.
4. JavaScript manipulates the DOM (Document Object Model).
5. JavaScript can't access 'HttpOnly' cookies, so those are safe from being read through XSS.
6. You can run JS commands in the browser console.

Detailed Google Feedback Form: https://forms.gle/rA9oy5wqN5GSLkh8A
Join the Telegram channel to get the latest articles related to cybersecurity and hacking: https://t.me/hackingsimplified42

Thank you everyone. Hope it was worth your time.

About the Channel:
You would've started or would like to start hacking; wait no more, start here. You're in the right place.
Hack Automate Code Repeat
Be The H.A.C.R.

This is the eighth episode in a long series of videos. This series will include:
1. Web exploitation - Common attack vectors (OWASP Top 10, how to find targets, automating your toolset, bug bounty approach, etc.)
2. Windows exploitation - Real attacks using Metasploit, creating FUD (Fully UnDetectable) meterpreter payloads, and also on vulnerable machines and other online services like VulnHub and Hack The Box
3. Hardware attacks like Bad USB attacks - Practical, and where you could get the cheap hardware

All of these will have working, updated techniques, with demos wherever possible, so stay tuned.

Whereas on the channel:
1. Automate your toolset - Script and let machines do the boring work
2. Write your own virus - I wrote one in my 2nd year at college; however, the skillsets have now improved drastically, so better obfuscation techniques.
3. Linux basics - Since this will help you work more productively.

A lot of exciting things to come.

#hacking #HackingSimplified #StartHacking #beTheHACR #hackthissite #websecurity #howtohack #hack #howtobeahacker #hackingCourse #bugBounty #bug #bounty #hacker #hackerone #hackeronehack #session #sessionmanagement #sessionhijacking #stealingsession #cookie #editthiscookie
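Key takeaways 3 and 5 from the defender's side, as an added example that is not from the video or the channel: it parses Set-Cookie headers, models which cookies page script would read from document.cookie, and flags session cookies missing protective attributes. The header values and the cookie names (sid, legacy_session, theme) are constructed sample data; checking Secure and SameSite goes beyond the HttpOnly point in the takeaways.

```javascript
// Parse one Set-Cookie header value into { name, value, attrs }.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const attrs = {};
  for (const part of rest) {
    if (!part) continue;
    const i = part.indexOf("=");
    const key = (i === -1 ? part : part.slice(0, i)).toLowerCase();
    attrs[key] = i === -1 ? true : part.slice(i + 1);
  }
  return { name: eq === -1 ? "" : pair.slice(0, eq), value: pair.slice(eq + 1), attrs };
}

// What page script (and so any injected script) would see in document.cookie:
// every cookie except those flagged HttpOnly.
function scriptVisible(headers) {
  return headers
    .map(parseSetCookie)
    .filter((c) => !c.attrs.httponly)
    .map((c) => `${c.name}=${c.value}`)
    .join("; ");
}

// Report missing protective attributes, but only for cookies that carry a session.
function auditCookies(headers, sessionNames) {
  const findings = [];
  for (const c of headers.map(parseSetCookie)) {
    if (!sessionNames.includes(c.name)) continue;
    if (!c.attrs.httponly) findings.push(`${c.name}: missing HttpOnly`);
    if (!c.attrs.secure) findings.push(`${c.name}: missing Secure`);
    if (!c.attrs.samesite) findings.push(`${c.name}: missing SameSite`);
  }
  return findings;
}

// Constructed sample responses: one hardened session cookie, one unprotected
// session cookie, and one harmless preference cookie.
const sampleHeaders = [
  "sid=abc123; Path=/; HttpOnly; Secure; SameSite=Lax",
  "legacy_session=def456; Path=/",
  "theme=dark; Path=/; Secure; SameSite=Lax",
];

console.log(scriptVisible(sampleHeaders));
console.log(auditCookies(sampleHeaders, ["sid", "legacy_session"]));
```

The hardened sid cookie never appears in the script-visible string, while legacy_session does, which is exactly the cookie an importer could reuse to skip the login checks.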

Video: Cookie Manipulation and Session Hijacking - Be The H.A.C.R. - Ep - 08, by JavaScript и Bootstrap