Identify the actual session cookies among the bulk of cookies set by the application
Decode cookies using standard encodings such as Base64, hex, URL encoding, etc.
Modify the cookie/session token value by one bit or byte, then resubmit; repeat for every token. This reduces the work needed to identify which part of the token is actually used by the server and which is not
If self-registration is available and you can choose your username, log in with a series of similar usernames containing small variations between them, such as A, AA, AAA, AAAA, AAAB, AAAC, AABA, and so on. If other user-specific data is submitted at login or stored in user profiles (such as an email address)
Check the session cookies and their expiration date/time
Identify the cookie's Domain scope
Check for the HttpOnly flag on the cookie
Check for the Secure flag on the cookie if the application is served over SSL/TLS
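The four checks above (expiry, Domain scope, HttpOnly, Secure) can be run mechanically over the Set-Cookie headers a response returns. The following is an added example written for this page, not tooling from the original checklist: the Set-Cookie headers are constructed samples, the session-cookie name heuristic and the 12-hour lifetime threshold are assumptions to tune per application.

```python
import re
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

# Constructed Set-Cookie headers for illustration; not captured from any real application.
SAMPLE_SET_COOKIE_HEADERS = [
    "sessionid=3b9a1f7c2e4d8a6b0f1e2d3c4b5a6978; Path=/; HttpOnly; Secure; SameSite=Lax",
    "JSESSIONID=ABCDEF0123456789; Path=/; Domain=example.com; Expires=Wed, 01 Jan 2031 00:00:00 GMT",
    "prefs=lang%3Den; Path=/; Max-Age=31536000",
]

# Cookie names that usually carry a session identifier (heuristic assumption, tune per application).
SESSION_NAME_HINT = re.compile(r"sess|sid|token|auth", re.I)


def parse_set_cookie(header):
    """Split a Set-Cookie header into name, value and a lower-cased attribute dict."""
    name_value, *attrs = [part.strip() for part in header.split(";")]
    name, _, value = name_value.partition("=")
    attributes = {}
    for attr in attrs:
        key, _, val = attr.partition("=")
        attributes[key.strip().lower()] = val.strip()
    return {"name": name.strip(), "value": value, "attrs": attributes}


def audit_cookie(header, now=None, max_lifetime=timedelta(hours=12)):
    """Report the session-cookie weaknesses the checklist items above look for."""
    now = now or datetime.now(timezone.utc)
    cookie = parse_set_cookie(header)
    attrs = cookie["attrs"]
    is_session = bool(SESSION_NAME_HINT.search(cookie["name"]))
    findings = []
    if is_session:
        if "httponly" not in attrs:
            findings.append("missing HttpOnly")
        if "secure" not in attrs:
            findings.append("missing Secure")
        if attrs.get("samesite", "").lower() in ("", "none"):
            findings.append("SameSite absent or None")
        if "domain" in attrs:
            # A Domain attribute widens scope: the cookie is sent to every subdomain too.
            findings.append("Domain=%s shares the cookie with subdomains" % attrs["domain"])
        lifetime = None
        if "max-age" in attrs:
            lifetime = timedelta(seconds=int(attrs["max-age"]))
        elif "expires" in attrs:
            lifetime = parsedate_to_datetime(attrs["expires"]) - now
        if lifetime is not None and lifetime > max_lifetime:
            findings.append("lifetime %s exceeds %s" % (lifetime, max_lifetime))
    return {"name": cookie["name"], "is_session_cookie": is_session, "findings": findings}


def audit_all(headers, **kwargs):
    """Map each cookie name to its list of findings."""
    return {r["name"]: r["findings"] for r in (audit_cookie(h, **kwargs) for h in headers)}


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_SET_COOKIE_HEADERS).items():
        print(name, findings or ["no issues"])
```

A persistent Expires or Max-Age on a session cookie means the identifier survives browser restarts, which is why the lifetime check only fires for cookies the name heuristic classifies as session cookies; the `prefs` cookie above is long-lived by design and produces no finding.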
Check for session fixation, i.e., compare the value of the session cookie before and after authentication
Replay the session cookie from a different effective IP address or system to check whether the server ties the session to the originating machine or not
Check for concurrent logins from different machines/IPs
Check whether any user-related information is stored in the cookie value; if so, tamper with it using another user's data
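The decoding step earlier in the list and the check just above for user data inside the cookie value are two views of the same question: is the token an opaque random identifier, or does it carry readable state? The following added example (written for this page, not part of the original checklist) tries the standard decodings on constructed sample values, flags decoded payloads that contain user or role fields, and estimates the token's entropy; the field-name pattern and the 64-bit entropy threshold are assumed heuristics.

```python
import base64
import binascii
import math
import re
from urllib.parse import unquote

# Constructed cookie values for illustration (not captured from a real application).
SAMPLE_COOKIES = {
    "sid": "3b9a1f7c2e4d8a6b0f1e2d3c4b5a697801234567",           # opaque random hex
    "auth": base64.b64encode(b"user=alice;role=admin").decode(),  # user data hidden only by encoding
    "pref": "lang%3Den",                                           # URL-encoded preference, not a session value
}

# Field names whose presence in a decoded cookie suggests user/authorisation data (heuristic assumption).
USER_DATA_PATTERN = re.compile(r"\b(user(name|id)?|uid|email|role|admin|account)\b\s*[=:]", re.I)


def _printable(raw):
    """Return the bytes as text if they are printable ASCII, else None."""
    try:
        text = raw.decode("ascii")
    except UnicodeDecodeError:
        return None
    return text if text.isprintable() else None


def try_decodings(value):
    """Return (scheme, text) for each standard decoding (URL, hex, Base64) that yields readable text."""
    results = []
    url_decoded = unquote(value)
    if url_decoded != value:
        results.append(("url", url_decoded))
    for text in {value, url_decoded}:
        if re.fullmatch(r"[0-9a-fA-F]+", text) and len(text) % 2 == 0:
            decoded = _printable(bytes.fromhex(text))
            if decoded:
                results.append(("hex", decoded))
        try:
            padded = text + "=" * (-len(text) % 4)          # tolerate stripped padding
            decoded = _printable(base64.b64decode(padded, altchars=b"-_", validate=True))
            if decoded:
                results.append(("base64", decoded))
        except (binascii.Error, ValueError):
            pass
    return results


def shannon_bits(value):
    """Total Shannon entropy of the string in bits, a rough measure of how unpredictable a token looks."""
    if not value:
        return 0.0
    counts = {ch: value.count(ch) for ch in set(value)}
    per_char = -sum(c / len(value) * math.log2(c / len(value)) for c in counts.values())
    return per_char * len(value)


def inspect_cookie(name, value):
    """Classify one cookie: what it decodes to, whether it embeds user data, whether it looks weak."""
    decoded = try_decodings(value)
    return {
        "name": name,
        "decoded": decoded,
        "user_data": any(USER_DATA_PATTERN.search(text) for _, text in decoded),
        "low_entropy": len(value) < 16 or shannon_bits(value) < 64,
    }


if __name__ == "__main__":
    for name, value in SAMPLE_COOKIES.items():
        print(inspect_cookie(name, value))
```

The `auth` sample decodes to `user=alice;role=admin`: a cookie like that is authorisation state held client-side, and unless it is also integrity-protected server-side (for example with an HMAC) the tampering check above applies directly. The `sid` sample yields no readable decoding and has well over 64 bits of entropy, which is what an opaque server-side session identifier should look like.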
Check for failure to invalidate existing sessions on security-sensitive account changes (email change, 2FA activation)