Session Manipulation

ID:	TAC-27
Phase:	Defence Bypass

Session Manipulation is the process of manipulating or abusing technical processes to fool defensive tooling into trusting the session or assuming the session of another user.

Techniques

• Token Bypass
• Cookie Abuse
• Certificate Abuse
• Session Persistence
• Session Reassumption
• Session Spoofing

Related Kill Chains

• Account Takeover Bot
• Ad Click Bot (Target Ads)
• Arbitrage Betting Bot
• Carding Bot
• Credential Stuffing Bot
• Gift Card Cracking Bot
• Loyalty Points Bot
• Scalper Bot
• Scraper Bot
• Social Media Bot