All Courses
All
Courses
Login / Sign up
-
Project Management
- PMP® Certification Training
- PMI-ACP® Certification Training
- Agile Scrum Master Certification Training
- Project Management Fundamentals
- PRINCE2® Foundation Certification Training
- PRINCE2® Foundation and Practitioner Combo Training & Certification
- CAPM® Certification Training
- Certified ScrumMaster® (CSM®) Training and Certification Course
-
Quality Management
- Lean Six Sigma Yellow Belt Training Course
- Lean Six Sigma Green Belt Training & Certification
- Lean Six Sigma Black Belt Training & Certification
- Lean Six Sigma Green & Black Belt Combo Training & Certification
- Six Sigma Yellow Belt Training & Certification
- Six Sigma Green Belt Training & Certification
- Six Sigma Black Belt Training & Certification
- Six Sigma Green & Black Belt Combo Training & Certification
-
IT, Networking, and Security
- CISSP Certification Training
- ITIL® 4 Foundation Training & Certification
- ITIL® Intermediate Service Operations Training
- ITIL Intermediate Continual Service Improvement (CSI) Training
- ITIL Intermediate Service Transition Training
- ITIL® v3 Foundation Training & Certification
- CCNA R & S - (200-125)
- GNS3 Training
- CompTIA A+ 220-901
- CompTIA A+ 220-902 Training Course
-
Microsoft
- Microsoft Azure Fundamentals - AZ-900T01 Training Course
- Microsoft Azure Administrator - AZ-104T00 Training Course
- Developing Solutions for Microsoft Azure - AZ-204T00 Training course
- Microsoft Certified: Azure Solutions Architect Expert Training Course
- Planning and Administering SharePoint 2016 - 20339-1AC Training Course
-
Data Science and AI
- Certificate Program in Data Science
- Certificate Program in Artificial Intelligence
- Data Science Basics
- Data Science with Python Training Course
- Machine Learning Training Course
- Data Science with R Training Course
- Big Data: Hadoop & Spark Training Course
- Tableau Desktop Training Course
- Deep Learning with TensorFlow Training Course
- Natural Language Processing Training Course
- Computer Vision Training Course
- SAP
-
DevOps and Cloud
- Introduction to Kubernetes Using Docker
- AWS Certified Solutions Architect - Associate
- DevOps with AWS CodePipeline, Jenkins and AWS CodeDeploy Training Course
- DevOps: CI/CD with Jenkins pipelines, Maven, Gradle Training Course
- DevOps with AWS Command Line Interface Training Course
- Implementing Microsoft Azure Infrastructure Solutions (70-533) Training Course
- Introduction To Docker Training Course
-
Blockchain
- Starting with Blockchain Technology for Developers
- Enterprise Blockchain Bootcamp Training Course
- Intro to the NEM Blockchain for Developers
- R3 Corda Blockchain Fundamentals Training Course
- Developing on the NEM Blockchain Training Course
- Developing on the EOS Blockchain Training Course
- Introduction to Blockchain Technology Training Course
- Blockchain Security Training Course
- Certified Blockchain Solutions Architect Training Course
-
Programming
- MCSA: Windows Server 2012 Certification (Microsoft Certified Solutions Associate) Training Course
- Microsoft 70-461: Querying SQL Server 2012 Training Course
- Microsoft 70-462: Administering SQL Server 2012 Databases Training Course
- Python Object Oriented Programming Fundamentals Training Course
- Microsoft 70-463: Implementing a Data Warehouse with SQL Server 2012 Training Course
- Microsoft 70-464: Developing Microsoft SQL Server 2012 Databases Training Course
- C# Programming Crash Course Training
- Microsoft 70-465: Designing Database Solutions for Microsoft SQL Server 2012 Training Course
- Microsoft 70-466: Implementing Data Models and Reports with Microsoft SQL Server 2012 Training Course
- Microsoft 70-467: Designing Business Intelligence Solutions with Microsoft SQL Server 2012 Training Course
- Internet of Things-IoT 101 Certification Training Course
- Fundamentals of Java Programming Training Course
- Stepping into Windows PowerShell Training Course
-
Web Technologies & Tools
- PHP Development with the Laravel Framework Training Course
- PHP Object Oriented Programming: Build a Login System Training Course
- Fundamentals of JavaScript Training Course
- Python Programming for Beginners Training Course
- Javascript Best Practices Training Course
- Angular 7 Training Course
- Fundamentals of PHP Training Course
- Fundamentals of Node.js
- PHP Object Oriented Programming Training Course
- Ag-Grid with React Training Course
- Master Auth0 Training Course
- Build Modern Web Apps with MEAN Training Course
- Mastering the Ionic Framework Training Course
- Fullstack Development Training Course
- Django Training Course
- Master Rails JSON API Training Course
- Node.js Training Course
- Build an App with React & Redux Training Course
- Master Typescript Training Course
- RxJS Training Course
- Fundamentals of Cypress Training Course
- Netlify Training Course
-
Others
- Microsoft Project Training
- Artificial Intelligence (AI) and Machine Learning (ML) Foundation Course
- Leadership Skills vs. Management Training Course
- Data Visualization with Python and Matplotlib Training Course
- Cyber Security Training Course
- Introduction to Marketing Training
- Data Analysis with Python and Pandas Training Course
- Internet Marketing Fundamentals Training Course
- Social Media Marketing Training Course
- Train The Trainer Course
- MS PowerPoint Training Course
- Human Resources Management Training Course
- Sales Fundamentals Training Course
- Excel VBA Workshop
- Advanced Excel Workshop
- Advanced Microsoft Excel 2013 Training
- Machine Learning for Apps Training Course
- Complete Introduction to Business Data Analysis Training Course
- Professional Graphic Designer Training Course
- Powerful Reports & Dashboards with Microsoft Power BI Training Course
Login
Get started
Reset your password
Enter your email and we'll send you instructions on how to reset your password.
- Opencampus Ethical Hacking Session Hijacking Levels
Session Hijacking Levels
Session Hijacking can be done at two levels:
-
Network Level
-
Application Level
Network Level hijacking includes TCP and UDP sessions.
Application Level hijacking occurs with HTTP Sessions.
Application Level Hijacking:
Here the valid session token is stolen or predicted to take over the session. Various attacks involved here are-
Man in the middle attack:
By using automated tools/spoofing methods the attacker splits the connection between the targets into two. One connection between the client and attacker and another one between attacker and server. Since the attacker becomes the man in the middle, all the traffic goes through him, hence he can capture the session Id.
Cross-site scripting:
Client-side vulnerabilities like XSS attacks allow an attacker to craft a malicious script to get the session Id from the application.
Using Proxy:
By setting up a proxy and causing the traffic to flow through the proxy, one can capture the session Id details.
Man-in the–Browser:
By installing a Trojan in the victim’s browser will notify the attacker the session Id.
Session Replay:
Capturing the authentication packets by sniffing the traffic; replaying those packets after a time interval may cause the attacker to successfully login to the session of the authorized user.
0 Comments
-
Ethical Hacking
-
Introduction to Ethical Hacking
-
Footprinting and Reconnaissance
-
Scanning
-
Enumeration
-
System Hacking
-
Malware Threats
-
Sniffing
-
Social Engineering
-
Denial of Service
-
Session Hijacking
-
Hacking Web Servers
-
Web Application Attacks
-
SQL Injection
-
Hacking Wireless Networks
-
Hacking Mobile Devices
-
Evading Firewall/IDS and Honey Bots
-
Cryptography
-
Cloud Computimg
Add Comment