Web Application Session Cookies Flag Misconfiguration Detection Scanner
This tool can be used to examine HTTP services' cookie settings.
Short Info
Level
Medium
Type
Single Scan
Can be used by
Asset Owner
Estimated Time
15 sec
Scan only one
Domain, Ipv4
Parent Category
Web Application Session Cookies Flag Misconfiguration Detection Scanner Detail
Examines cookies set by HTTP services. Reports any session cookies set without the httponly flag. Reports any session cookies set over SSL without the secure flag. If http-enum.nse is also run, any interesting paths found by it will be checked in addition to the root.
Try it yourself,
control security posture
control security posture