Session Management

Premium room

Learn about session management and the different attacks that can be performed against insecure implementations.

easy

60 min

23,583

In this room, you will learn about Session Management. Thinking about your interactions with web applications, you should realise that you do not provide a web application with your username and password on every request. Instead, after authentication, you are provided with a session. This session is used by the web application to keep your state, track your actions, and decide whether or not you are allowed to do what you are trying to do. Session management aims to ensure that these steps are performed correctly. Otherwise, it may be possible for a threat actor to compromise your session and effectively hijack it!

Learning Objectives
  • Understand what Session Management is
  • Understand the differences between authentication and authorisation and how they each play a role in session management
  • Learn about the two main session management methods
  • Learn about the session management lifecycle
  • Learn how to practically exploit vulnerable session management implementations
Answer the questions below

I am ready to learn about session management!
