Session hijacking is the takeover of a user's authenticated session. After a user logs in, the server does not re-check the password on every request; it issues a session identifier (in a web application, usually a cookie) and treats any request carrying that identifier as coming from the logged-in user. For instance, when someone logs in to their bank's website a session starts and lasts until they log out; an attacker who obtains the session identifier during that window can act as the account holder without ever knowing the password. Taking over a session in this way is called session hijacking.

Burp Suite: a web application testing proxy. Its intercepting proxy captures the browser's requests and responses, so a tester can read the session cookie a site issues and replay it in Repeater to confirm that the session is accepted without re-authentication; the Sequencer tool checks whether issued session tokens are predictable.

Ettercap: Ettercap is a comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.

netool toolkit

WebSploit Framework

Cookie Cadger: an open-source Java tool that captures session cookies from unencrypted HTTP traffic on Wi-Fi or wired networks (sidejacking) and lets the operator replay the captured requests.
Session Hijacking Tools for Mobile: DroidSheep and DroidSniff

  • DroidSheep:
    • DroidSheep is a simple Android tool for web session hijacking (sidejacking).
    • It listens for HTTP packets sent over a wireless (802.11) network connection and extracts the session IDs from these packets.
  • DroidSniff:
    • DroidSniff is an Android app for security analysis in wireless networks and for capturing Facebook, Twitter, LinkedIn, and other accounts.
  • Caveat: both rely on the session cookie travelling in cleartext. They see HTTP, not HTTPS, so a site that serves every page over TLS and marks its session cookie Secure (never sent over plain HTTP) gives them nothing to capture. HttpOnly does not help against this attack; it keeps scripts away from the cookie, not the network.
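The following is an added example, not code from this page or from DroidSheep, DroidSniff or any other tool listed here. It demonstrates in Python the two halves of the session hijacking described at the top of the page and the sidejacking step these mobile tools automate: extracting session cookies from captured cleartext HTTP requests, replaying one against a toy server that accepts the cookie in place of a password, and checking whether a Set-Cookie header would have exposed the cookie at all. The captured requests, hosts and cookie values are constructed for the example; the session cookie names and the ToyApp are assumptions for illustration.

```python
from typing import List, Optional, Tuple

# Constructed sample traffic: cleartext HTTP requests as a sidejacking tool would
# reassemble them from captured 802.11 frames. Hosts, paths and cookie values are
# hypothetical; none belongs to a real site.
CAPTURED_REQUESTS: List[bytes] = [
    (b"GET /inbox HTTP/1.1\r\n"
     b"Host: mail.example.test\r\n"
     b"Cookie: lang=en; SESSIONID=a1b2c3d4e5f6\r\n"
     b"User-Agent: Mozilla/5.0\r\n\r\n"),
    (b"POST /search HTTP/1.1\r\n"
     b"Host: www.example.test\r\n"
     b"Content-Length: 8\r\n\r\n"
     b"q=hijack"),                                   # carries no cookie at all
    (b"GET /profile HTTP/1.1\r\n"
     b"Host: social.example.test\r\n"
     b"Cookie: PHPSESSID=9z8y7x6w5v; theme=dark\r\n\r\n"),
]

# Cookie names commonly used to carry a session identifier (assumed list, matched
# case-insensitively); real tools ship longer per-site lists.
SESSION_COOKIE_NAMES = {"sessionid", "phpsessid", "jsessionid", "asp.net_sessionid", "sid"}


def parse_request(raw: bytes) -> Optional[dict]:
    """Split a raw HTTP/1.x request into method, path, host and cookies.
    Returns None when the request line is malformed."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        return None
    method, path, _version = parts
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    cookies = {}
    for pair in headers.get("cookie", "").split(";"):
        name, sep, value = pair.strip().partition("=")
        if sep:
            cookies[name] = value
    return {"method": method, "path": path, "host": headers.get("host", ""), "cookies": cookies}


def extract_sessions(captured: List[bytes]) -> List[Tuple[str, str, str]]:
    """The sidejacking step: keep only cookies that look like session identifiers,
    returning one (host, cookie name, value) tuple per hit."""
    hits = []
    for raw in captured:
        req = parse_request(raw)
        if not req:
            continue
        for name, value in req["cookies"].items():
            if name.lower() in SESSION_COOKIE_NAMES:
                hits.append((req["host"], name, value))
    return hits


def forge_request(host: str, path: str, name: str, value: str) -> bytes:
    """Replay the stolen identifier: no password, just the cookie."""
    return f"GET {path} HTTP/1.1\r\nHost: {host}\r\nCookie: {name}={value}\r\n\r\n".encode()


class ToyApp:
    """Assumed minimal server side: the session store maps identifiers to users,
    so any request presenting a valid SESSIONID is treated as that user."""

    def __init__(self):
        self.sessions = {"a1b2c3d4e5f6": "alice"}   # created when alice logged in

    def handle(self, raw: bytes) -> Tuple[int, str]:
        req = parse_request(raw)
        user = self.sessions.get(req["cookies"].get("SESSIONID", "")) if req else None
        return (200, f"inbox of {user}") if user else (401, "login required")


def would_leak_over_http(set_cookie: str) -> bool:
    """Defence check on a Set-Cookie header: a cookie issued with the Secure
    attribute is never sent over cleartext HTTP, so a wireless sniffer never sees it."""
    attrs = [a.strip().lower() for a in set_cookie.split(";")[1:]]
    return "secure" not in attrs


if __name__ == "__main__":
    app = ToyApp()
    stolen = extract_sessions(CAPTURED_REQUESTS)
    for host, name, value in stolen:
        print(f"captured {name}={value} for {host}")
    host, name, value = stolen[0]
    print(app.handle(forge_request(host, "/inbox", name, value)))           # alice's inbox
    print(would_leak_over_http("SESSIONID=a1b2c3d4e5f6; Path=/; HttpOnly"))         # True
    print(would_leak_over_http("SESSIONID=a1b2c3d4e5f6; Path=/; Secure; HttpOnly"))  # False
```

The replay succeeds because the toy server, like most real ones, binds identity to the cookie alone. The last two calls show the practical defence: the same cookie with the Secure attribute is never transmitted over plain HTTP, so there is no frame for DroidSheep-style tools to capture; HttpOnly alone changes nothing here.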

