Session Hijacking Visual Exploitation
-
Updated
Mar 7, 2024 - JavaScript
#
session-hijacking
Here are 26 public repositories matching this topic...
A Deliberately Insecure Web Application
training education security practice hacking xss brute-force-attacks learn sql-injection csrf infosec web-security webappsec security-threats owasp-top-10 session-fixation sensitive-data-exposure session-hijacking local-file-inclusion path-traversal
-
Updated
Jan 9, 2020 - PHP
PHP Cookie Stealing Scripts for use in XSS
-
Updated
Jul 26, 2018 - PHP
Powershell scripts for scanning ASP.NET apps
powershell cookies sql-injection csrf ps asp-net csrf-protection csrf-tokens powershell-script vulnerability-detection vulnerability-scanners vulnerability-assessment input-validation web-config url-encoded vulnerability-scanning session-hijacking sql-injection-exploitation cookie-properties web-config-scanner
-
Updated
Aug 11, 2023 - PowerShell
A tiny flask app for helping pentesters, red-teamers and bug hunters in data exfileration, SSRF, XSS, Session Hijacking, Session Riding and Cookie Thieve.
bugbounty xss-exploitation exfiltration xss-attacks pentest-tool session-hijacking cookie-stealer pentesting-tools bugbounty-tool pentest-webapp session-riding
-
Updated
Jul 30, 2025 - Python
CyberX-AI-Digital-Twin is an AI-powered cybersecurity platform that uses digital twin technology to simulate, detect, and analyze cyber threats in a safe, isolated environment. Ideal for researchers, developers, and educators to test and enhance network security.
flask ldap-authentication vulnerability-assessment mitre-attack digital-twin session-hijacking sql-injection-detection bert-nlp cyber-attack-simulation ai-cybersecurity xss-prediction
-
Updated
Feb 13, 2025 - Python
The Device Fingerprint Generator is a web-based tool that uniquely identifies devices based on various browser and system attributes. By leveraging JavaScript and web APIs, it creates a consistent fingerprint that can be used for analytics, fraud prevention, and security purposes.
-
Updated
Mar 31, 2025 - HTML
MySQLSessionHandler Class (PHP 7.1)
mysql php php7 session sessionstorage session-management mysqli session-handler session-fixation php-class session-hijacking sessionhandler-interface
-
Updated
Apr 20, 2019 - PHP
Demo tool for hijacking TCP sessions
-
Updated
Jun 6, 2021 - C++
Demonstrating exploitation of missing HTTP cookie flags
security poc pentesting burp exploitation demonstration httponly firesheep cookie-flags session-hijacking
-
Updated
Jun 28, 2019 - JavaScript
Notes & misc taken from Complete Ethical Hacking Bootcamp 2021: ZTM(ARCHIVED) and EC-Council's CodeRed
markdown notes scripting hacking nmap penetration-testing vulnerability exploitation metasploit-framework privilege-escalation ethical-hacking web-penetration-testing owasp-top-10 session-hijacking open-source-intelligence network-pentesting snort3 nmap-scan cehv12
-
Updated
Mar 9, 2023 - Python
This repository demonstrates a privilege escalation attack targeting Open5GS's WebUI, exploiting unauthenticated database connections and forged session cookies/JWT tokens. The analysis reveals critical vulnerabilities in authentication mechanisms, offering insights for securing 5G network components.
-
Updated
Jun 12, 2025 - Python
Immerse yourself in a practical hacking exercise to gain valuable experience with prevalent security exploits. Explore six key vulnerabilities, including SQL injection, session hijacking, username enumeration, IDOR, XSS, and CSRF, for a comprehensive cybersecurity learning experience.
cybersecurity penetration-testing vulnerability-assessment ethical-hacking xss-attacks web-application-security csrf-attacks sqli-injection session-hijacking practical-hacking-framework username-enumeration idor-attack
-
Updated
Mar 14, 2023 - HTML
Python server captures inbound HTTP connections along with its respective cookies
-
Updated
Mar 2, 2023 - Python
KerioMaker (VPN Provider) Session Hijacker and upload to third-party site, You can convert this script into an executable file and send it to your target
-
Updated
Oct 12, 2022 - Python
This repository contains a comprehensive analysis of the PandaBanker malware. The analysis includes examining various techniques employed by the malware such as API Hooking, Process Hijacking, and Memory Dumping. The investigation also involves practical steps using various tools to understand the malware's behavior and persistence mechanisms.
-
Updated
Jun 24, 2024
Broken Authentication Lab This lab provides a hands-on demonstration of credential stuffing (using Postman +weakpass) and session hijacking (via low-entropy session IDs) against a vulnerable login.php app.
-
Updated
Jun 25, 2025 - PHP
Improve this page
Add a description, image, and links to the session-hijacking topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the session-hijacking topic, visit your repo's landing page and select "manage topics."