search

Cookies Attributes

hashtag
Check List

hashtag
Methodology

hashtag
Black Box

hashtag
Insecure Cookie Exposure

1

Log in as a normal user

2

Open DevTools then go to Console

3

Type document.cookie

4

Look for any authentication-related cookies ( accessToken, session, refreshToken)

5

Open DevTools, Application, Storage, Cookies to check attributes like

  • HttpOnly

  • Secure

  • Expiration date

hashtag
White Box

hashtag
Cheat Sheet

PreviousSession Management SchemaNextSession Fixation

Last updated