+BiscuitSpy was built as a proof-of-concept software for profiling web users based on http cookies. It offers functionality to capture packets on an open wireless network and filter out http headers which transmit cookie data. The captured cookie data is combined with existing cookie definitions to extract relevant user information. In our work we showed that captured cookies leak various personal information, such as browsing behavior, location information, username and e-mail address and unique brower identifiers. By aggregating the cookie information from multiple sources, BiscuitSpy can built up a comprehensive user profile.
