Session Hijacking Visual Exploitation
-
Updated
Mar 7, 2024 - JavaScript
#
session-hijacking
Here are 29 public repositories matching this topic...
A Deliberately Insecure Web Application
training education security practice hacking xss brute-force-attacks learn sql-injection csrf infosec web-security webappsec security-threats owasp-top-10 session-fixation sensitive-data-exposure session-hijacking local-file-inclusion path-traversal
-
Updated
Jan 9, 2020 - PHP
PHP Cookie Stealing Scripts for use in XSS
-
Updated
Jul 26, 2018 - PHP
A tiny flask app for helping red-teamers, purple teamers, and pentesters in delivery, data exfiltration, and some attacks (SSRF, XXE, XSS, Session Hijacking, Session Riding).
xss-exploitation exfiltration pentest-tool redteam mitre-attack session-hijacking cookie-stealer pentesting-tools purple-team redteam-tools session-riding
-
Updated
Sep 20, 2025 - Python
Powershell scripts for scanning ASP.NET apps
powershell cookies sql-injection csrf ps asp-net csrf-protection csrf-tokens powershell-script vulnerability-detection vulnerability-scanners vulnerability-assessment input-validation web-config url-encoded vulnerability-scanning session-hijacking sql-injection-exploitation cookie-properties web-config-scanner
-
Updated
Aug 11, 2023 - PowerShell
CyberX-AI-Digital-Twin is an AI-powered cybersecurity platform that uses digital twin technology to simulate, detect, and analyze cyber threats in a safe, isolated environment. Ideal for researchers, developers, and educators to test and enhance network security.
flask ldap-authentication vulnerability-assessment mitre-attack digital-twin session-hijacking sql-injection-detection bert-nlp cyber-attack-simulation ai-cybersecurity xss-prediction
-
Updated
Feb 13, 2025 - Python
The Device Fingerprint Generator is a web-based tool that uniquely identifies devices based on various browser and system attributes. By leveraging JavaScript and web APIs, it creates a consistent fingerprint that can be used for analytics, fraud prevention, and security purposes.
-
Updated
Mar 31, 2025 - HTML
MySQLSessionHandler Class (PHP 7.1)
mysql php php7 session sessionstorage session-management mysqli session-handler session-fixation php-class session-hijacking sessionhandler-interface
-
Updated
Apr 20, 2019 - PHP
Notes & misc taken from Complete Ethical Hacking Bootcamp 2021: ZTM(ARCHIVED) and EC-Council's CodeRed
markdown notes scripting hacking nmap penetration-testing vulnerability exploitation metasploit-framework privilege-escalation ethical-hacking web-penetration-testing owasp-top-10 session-hijacking open-source-intelligence network-pentesting snort3 nmap-scan cehv12
-
Updated
Mar 9, 2023 - Python
Demo tool for hijacking TCP sessions
-
Updated
Jun 6, 2021 - C++
Demonstrating exploitation of missing HTTP cookie flags
security poc pentesting burp exploitation demonstration httponly firesheep cookie-flags session-hijacking
-
Updated
Jun 28, 2019 - JavaScript
Practical labs, notes, and reports for CEH v13 modules — covering web hacking, network pentesting, malware analysis, social engineering, and security tool usage.
enumeration penetration-testing malware-analysis denial-of-service scanning ethical-hacking web-hacking social-engineering footprinting vulnerability-analysis session-hijacking system-hacking android-hacking cehv13 firewall-ids-ips iot-security-ot-security
-
Updated
Oct 8, 2025
This repository demonstrates a privilege escalation attack targeting Open5GS's WebUI, exploiting unauthenticated database connections and forged session cookies/JWT tokens. The analysis reveals critical vulnerabilities in authentication mechanisms, offering insights for securing 5G network components.
-
Updated
Jun 12, 2025 - Python
Intentionally vulnerable captive portal lab for wireless security training. Demonstrates session hijacking, authentication bypass, and network security vulnerabilities. Docker containerized for safe, isolated learning environments. FOR EDUCATIONAL USE ONLY.
penetration-testing web-security captive-portal vulnerability-assessment security-training ethical-hacking network-security authentication-bypass wireless-security session-hijacking
-
Updated
Oct 6, 2025 - Python
Python server captures inbound HTTP connections along with its respective cookies
-
Updated
Mar 2, 2023 - Python
KerioMaker (VPN Provider) Session Hijacker and upload to third-party site, You can convert this script into an executable file and send it to your target
-
Updated
Oct 12, 2022 - Python
Immerse yourself in a practical hacking exercise to gain valuable experience with prevalent security exploits. Explore six key vulnerabilities, including SQL injection, session hijacking, username enumeration, IDOR, XSS, and CSRF, for a comprehensive cybersecurity learning experience.
cybersecurity penetration-testing vulnerability-assessment ethical-hacking xss-attacks web-application-security csrf-attacks sqli-injection session-hijacking practical-hacking-framework username-enumeration idor-attack
-
Updated
Mar 14, 2023 - HTML
This is a vulnerable web application I developed for my Database Security class at Boston University. It contains possible IDOR and session hijacking attacks in a pseudo-realistic banking web app. The application is built using the LAMP stack.
-
Updated
Apr 5, 2025 - PHP
Performing TCP/IP exploits such as SYN Flooding, TCP RST attack on SSH and TLS connections, session hijacking, and revershell attacks
reverse-shell wireshark scapy tls-tunnel tcp-ip ssh-tunnel session-hijacking syn-flood-attack tcp-rst-attack netwox
-
Updated
May 1, 2023
Improve this page
Add a description, image, and links to the session-hijacking topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the session-hijacking topic, visit your repo's landing page and select "manage topics."