3.1 Testing for Session Management Schema

3.2 Testing for Cookies Attributes

3.3 Testing for Session Fixation

3.4 Testing for Exposed Session Variables

Session Management Testing

3.5 Testing for Cross Site Request Forgery

3.6 Testing for Logout Functionality

3.7 Testing Session Timeout

3.8 Testing for Session Puzzling

3.9 Testing for Session Hijacking