JHijack can prove useful to any web developer, providing a simple Java-based tool that can assist them in finding security vulnerabilities in their projects. With its help, developers can perform numeric session hijacking and evaluate the reliability of their web-based application.
Easy to work with
Relying on the Java technology, JHijack can be launched on any platform. Its simple interface makes it very easy to use, but advanced programming knowledge and understanding of the HTTP language is required in order to use it.
JHijack only requires you to enter the name of the host to evaluate and the port number to use. It can send requests to the target host using either the GET or the POST method, requesting or submitting data to the server.
Simulates various attack types
There are multiple fields that you can configure according to your preferences, but it is advisable not to modify them unless you know what you are doing. Advanced users can change grep mode and the session ID or alter the parameters.
The application can simulate various types of attacks. It can perform session (or cookie) highjacking (which can reveal vulnerabilities that can lead to the theft of browser cookies containing authentication data), URL attacks (based on incorrectly entered URLs) and body highjacking.
The results are displayed in an organized manner and you can save them locally. However, only experienced users can accurately interpret them.
Ensures your web app is not exposed to highjacking
JHijack can simulate highjacking attempts in order to assess the security level of your web application. Used correctly, it can be a powerful tool in the hands of any web developer who wants to eliminate any potential vulnerabilities from an application.