{"metadata":{"image":[],"title":"","description":""},"api":{"url":"","auth":"required","params":[],"results":{"codes":[]},"settings":""},"next":{"description":"","pages":[]},"title":"Cookie Tampering","type":"basic","slug":"cookie-tampering","excerpt":"","body":"Attackers will often manipulate the session cookie during attacks in an attempt to either obtain a valid session, or uncover flaws in the session token generation algorithm.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Mitigation\"\n}\n[/block]\nIf a request contains a cookie which has been tampered with, IMMUNIO will detect it, and if configured to do so will alert with the details on the dashboard.","updates":[],"order":4,"isReference":false,"hidden":false,"sync_unique":"","link_url":"","link_external":false,"_id":"55dc83657fa0290d0055915e","user":"55dc702d7fa0290d00559106","category":{"sync":{"isSync":false,"url":""},"pages":[],"title":"Suspicious Behavior","slug":"suspicious-behavior","order":5,"from_sync":false,"reference":false,"_id":"57d9b91cda17c30e003897f4","createdAt":"2016-09-14T20:54:52.969Z","project":"55db8f8f1a91690d007ad975","__v":0,"version":"55db8f901a91690d007ad978"},"project":"55db8f8f1a91690d007ad975","__v":2,"createdAt":"2015-08-25T15:01:57.975Z","githubsync":"","version":{"version":"1.0","version_clean":"1.0.0","codename":"","is_stable":true,"is_beta":false,"is_hidden":false,"is_deprecated":false,"categories":["55db8f901a91690d007ad979","55db9856b3d6540d00886426","55dc751b00a8811900c230e3","55dc766255be9f21004ee250","55dc769200a8811900c230ed","55e4c701177b6e0d003330fa","55f4915caf0bc71900a53130","55f491b2be9c2b2100f0635d","560b22739c7be70d00100bd8","57488c53e8c6a420000b729c","574cefd95953e20e00f40f9f","5798edfd7700d30e00ad250c","579ac88234b5fd0e00b9e140","57c81c6d690c200e0047b72e","57d9b8fbda17c30e003897f1","57d9b90e608ea00e00f358d8","57d9b91cda17c30e003897f4"],"_id":"55db8f901a91690d007ad978","createdAt":"2015-08-24T21:41:36.034Z","project":"55db8f8f1a91690d007ad975","__v":17,"releaseDate":"2015-08-24T21:41:36.034Z"},"parentDoc":null}
Attackers will often manipulate the session cookie during attacks in an attempt to either obtain a valid session, or uncover flaws in the session token generation algorithm. [block:api-header] { "type": "basic", "title": "Mitigation" } [/block] If a request contains a cookie which has been tampered with, IMMUNIO will detect it, and if configured to do so will alert with the details on the dashboard.