# session-attacks
標記為「session-attacks」的 4 篇文章
Authentication & Session Attacks
Methodology for bypassing authentication, extracting API keys, manipulating session state, exploiting cross-session data leakage, and escalating privileges in LLM-powered applications.
authenticationsession-attacksapi-keysprivilege-escalationjwtllm-appsaccess-control
AI Application Security
Methodology for exploiting LLM application vulnerabilities: output handling injection (XSS, SQLi, RCE), authentication bypass, session manipulation, and integration-layer attacks.
application-securityxsssqlicommand-injectionauth-bypasssession-attackswebhooksllm-apps
身分驗證與會話攻擊
繞過身分驗證、提取 API 金鑰、操弄會話狀態、利用跨會話資料洩漏,與於 LLM 驅動應用升級特權之方法論。
authenticationsession-attacksapi-keysprivilege-escalationjwtllm-appsaccess-control
AI 應用安全
利用 LLM 應用漏洞之方法論:輸出處理注入(XSS、SQLi、RCE)、驗證繞過、會話操弄,以及整合層攻擊。
application-securityxsssqlicommand-injectionauth-bypasssession-attackswebhooksllm-apps