Carrie Roberts & Brian King // We were recently testing a web application that used ASP.NET cookieless sessions. This meant that the session token was part of the URL as shown in the […]

The post Pentesting ASP.NET Cookieless Sessions with Burp appeared first on Black Hills Information Security, Inc..