Search the Community
Showing results for tags 'firecookie'.
I am interested in what some of you use during your pen-tests to hijack sessions and steal cookies. this is a subject that I am a bit of a novice at. What I like to do is filter traffic in wireshark using the http.cookie option and using firecookie to edit the session. I have found this to not work all the time. as I said, I am also a beginner at session hijacking attacks and mitigation. are there better options? what is your favorite session hijacking platform/methods?