Answer:
Attackers use cookie snooping on victim systems to analyze users' surfing habits and sell that information to other attackers or to launch various attacks on the victims' web applications.
Hidden Field Manipulation
-Attackers attempting to compromise e-commerce websites mostly use these types of attacks. They manipulate hidden fields and change the data stored in them. Several online stores face this type of problem every day.
-Attackers can alter prices and conclude transactions, designating the prices of their choice.
Authentication Hijacking
-To identify a user, every web application employs user identification method such as an ID and password. However, once attackers compromise a system, various malicious things such as session hijacking and user impersonation can occur.
Obfuscation Application -Attackers usually work hard at hiding their attacks and avoid detection. -Network and host-based intrusion detection systems (IDSs) are constantly looking for signs of well-known attacks, driving attackers to seek different ways to remain undetected.
-The most common method of attack obfuscation involves encoding portions of the attack with Unicode, UTF-8, Base64, or URL encoding.
-Unicode is a method of representing letters, numbers, and special characters to properly display them, regardless of the application or underlying platform.
Broken Session Management
-When security-sensitive credentials such as passwords and other important data are not properly secured, attackers can easily compromise them.
Broken Account Management
-Vulnerable account management functions including account update, forgotten, or lost password recovery or reset and other similar functions might weaken valid authentication schemes.
Denial-of-Service (DoS)
-A denial-of-service or DoS attack, is an attack on the availability of a service, that reduces, restricts, or prevents accessibility of system resources to its legitimate users. For instance, a website related to a banking o
Step-by-step explanation: