Day 3 of Web Application Penetration Testing From Absolute Beginning -
Topic - Session Management in Web Applications
Check Threats
#cybersecurity #bugbounty #bugbountytips #infosec

Session Management - Whenever we login into a web app and close the tab then we don't have to re-login again because web applications remember your login sessions, It is a process in which server manages multiple requests from user without asking for creds again and again.

Websites maintain sessions with session-id's, basically when a user login's into dynamic web application the user gets a session id form server to your browser and that's how a browser proves your identity whenever you re-visit the website. Session id's are long and unpredictable

Whenever we log out from the website the session id revokes that's why we've to re-login again ,Session-id's usually to store in cookies of a web browser. let say anyhow we managed to get the session-id then we can login into that user's account without required credentials.

THANKS FOR READING, DUE TO BIT BUSY SECULDE UNABLE TO POST MUCH.
NEXT TOPIC - AUTHENTICATION AND AUTHORIZATION ( DAY 4)