Micro-Topic 24.1: Session Secrets – How Logins Stay Alive
Goal: Understand what sessions and tokens are in web/logins, and why protecting them is crucial.
Micro-Topic 24.2: Token Thieves – How Attackers Steal Sessions (Web Attacks)
Goal: Learn the common web-based techniques (like XSS and CSRF) attackers use to grab or abuse session tokens.
Micro-Topic 24.3: Eavesdropping & Network Hijacks – Session Theft on the Wire
Goal: Understand how attackers can hijack sessions by intercepting network traffic (and the importance of encryption).
Micro-Topic 24.4: Guarding the Session – Defensive Measures
Goal: Learn how developers and users can protect session tokens and prevent hijacking (secure cookies, HTTPS, token best practices, etc.).