Substantial security challenge to web applications, using modified OTC and OWASP update

Aleksander Biberaj, Igli Tafa, Kristi Ndoni, Islam Tahiraj, Andrea Muco
Faculty of information and technology
Polytechnic University Of Tirana
Tirana, Albania


Internet security is a field of computer science concerned with providing a safe medium for exchanging data while minimizing the likelihood of online threats. The use of advanced web-based software is growing because it provides users with many features. Web technologies play an important role in different industries, such as schooling, retail, medical care, and payment systems. Session bugs are becoming more common in web applications as their value to the community grows. Hackers try to profit from incorrectly designed websites by taking hold of victims' sessions and identities. As a result, session handling represents a substantial security challenge to web applications. Weak programming methods are among the causes of successful session acquisition. A further cause is that the server and the client authenticate themselves differently at first.

In recent years, one of the most common attacks used by attackers has been session hijacking. According to the latest OWASP update, session hijacking is the second most frequent attack. It is an important attack, among others, that a hacker may use to connect directly to a user's active session. Session hijacking occurs when a hacker takes a victim's session ID and uses it to gain entry into the victim's actual session. The proposed system will provide protection against this form of attack once it has been successfully implemented.

Keywords—sessions, cookies, hijacking, attacks, hacker, cybersecurity, bug, vulnerability, one time cookies, HTTP, SQL injections.

Volume 7.No.2(2023): April – (Social Sciences Session)

ISSN 2661-2666 (Online) International Scientific Journal Monte (ISJM)
ISSN 2661-264X (Print)




This is an open access article under the CC BY-NC-ND license (