Session Security Checker

This skill provides a comprehensive security audit for web application session handling by scanning source code for critical vulnerabilities. It automatically detects insecure session ID generation, missing cookie security flags (HttpOnly, Secure, SameSite), session fixation risks, and improper timeout configurations across various frameworks like Express, Django, and Spring. By generating detailed remediation reports with actionable code examples, it helps developers harden their authentication layers and maintain compliance with industry standards like OWASP and PCI-DSS.

주요 기능

사용 사례