AppSec Blog: Tag - attacks

Session Attacks and PHP - Part 2

Yes, I will talk in this article about why it is not good to leave your session files in /tmp. But first, allow me to follow Jason's lead and talk about the session attacks he discussed in Part 2 of his ASP.NET article. I will keep it short Session fixation isn't really that much of … Continue reading Session Attacks and PHP - Part 2