Cookie Slack Detector

  • Risk: Informational
  • Type: Active

Summary
The rule sends repeated GET requests, dropping a different cookie each time. Each of these is followed by a normal request with all cookies to stabilize the session, and the responses are compared against the original baseline GET. This can reveal areas where cookie-based authentication or attributes are not actually enforced.
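
The loop described above, as an added example that is not the scan rule's own code. `ToyApp`, its cookie names and values are constructed stand-ins for an application you are testing, and comparing responses by exact equality is a simplifying assumption.

```python
from typing import Callable, Dict, List, Tuple

Cookies = Dict[str, str]
Response = Tuple[int, str]  # (status code, body)


class ToyApp:
    """Constructed GET handler: checks 'session', reads 'theme', ignores 'role'.
    It is stateful: the first valid request after a rejected one gets a banner."""

    def __init__(self) -> None:
        self.flash = False

    def get(self, cookies: Cookies) -> Response:
        if cookies.get("session") != "abc123":
            self.flash = True
            return 302, "/login"
        banner = "session restored; " if self.flash else ""
        self.flash = False
        return 200, f"{banner}account page, theme={cookies.get('theme', 'light')}"


def find_unenforced(send: Callable[[Cookies], Response], cookies: Cookies,
                    stabilize: bool = True) -> List[str]:
    """Return the cookies whose removal leaves the response equal to the baseline."""
    baseline = send(dict(cookies))
    unenforced = []
    for name in cookies:
        reduced = {k: v for k, v in cookies.items() if k != name}
        if send(reduced) == baseline:
            unenforced.append(name)
        if stabilize:
            # Normal request with all cookies, so state left behind by the
            # reduced request does not leak into the next comparison.
            send(dict(cookies))
    return unenforced


# Constructed sample cookie jar.
COOKIES = {"session": "abc123", "role": "admin", "theme": "dark"}

if __name__ == "__main__":
    print("with stabilizing requests:   ", find_unenforced(ToyApp().get, COOKIES))
    print("without stabilizing requests:",
          find_unenforced(ToyApp().get, COOKIES, stabilize=False))
```

Without the stabilizing request, the banner left over from the rejected `session` probe makes the `role` probe look different from the baseline, so the unenforced `role` cookie is missed.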
References

https://cwe.mitre.org/data/definitions/205.html
