Session hijacking is defined as taking over an active TCP/IP communication session without the user’s permission. When implemented successfully, attackers assume the identity of the compromised user, enjoying the same access to resources as the compromised user. Identity theft, Information theft, stealing sensitive data are some of the common impacts of session hijacking.