This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Testing for Session Management

From OWASP

Revision as of 12:21, 12 October 2006 by Mmeucci (talk | contribs) (→‎Session Management Testing)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Session Management Testing

Intro here.

4.5.1 Cookie and Session Token Manipulation
4.5.2 Weak Session Tokens
4.5.3 Session Riding
4.5.4 Exposed Session Variables
4.5.5 HTTP Exploit

Session token transport security and reuse of session tokens from HTTP to HTTPS [][Completed]Javier Fernandez-Sanguino

OWASP Testing Guide v2 Table of Contents

Retrieved from "https://wiki.owasp.org/index.php?title=Testing_for_Session_Management&oldid=10512"