A cookie is a small file that is inserted into a user's computer by a web application. Cookies record information such as browser activity and login or authentication details.
Many web applications have experienced cookie-related vulnerabilities that lead to user impersonation and remote cookie tampering. When a cookie is sent over insecure HTTP, an attacker who controls the communication between the server and the browser can read it.
Other cookie security flags are designed to make the state management mechanism between client and server more secure. These include HttpOnly, the SameSite attribute, and cookie prefixes.
Once the scan is completed, all cookies are listed under the Cookies node in the Knowledge Base, highlighted in red and bold. You can access the same information in the Knowledge Base Report and Knowledge Base Tab.
Acunetix 360 forms Knowledge Base nodes based on its findings. If there is no Cookies node, it means that Acunetix 360 did not detect any.
For further information, see Knowledge Base Nodes.
How to View the Cookies Node in Acunetix 360
- Log in to Acunetix 360.
- From the main menu, click Scans, then Recent Scans. The Recent Scans window is displayed.
- Next to the relevant website, click Report.
- From the Technical Report section, click the Knowledge Base tab.
- Click the Cookies node. The information is displayed in a Cookies tab.