Session hijacking can be defined as impersonating and sending a request as a user other than yourself.In layman's language, it is similar to plane hijacking, where a terrorist takes control of the plane except that here the hacker takes control of the session. It can be done in many ways, the most common being stealing the cookies of a user.1) Find the website which is vulnerable to XSS. Let us assume that a siteis vulnerable to XSS.2) Assume that when a search (which is vulnerable to XSS) is performed on the website, parameters are passed in the url in the format3) Now we need to save the cookies of the user.4) Copy the code from my repository at https://github.com/rohankalra97/Session-Hijacking/blob/master/stealer.php and save it as5) Replace the 5th line with the url which you want the user to be finally redirected to.6) Create an empty file with name7) Now push the file at your own server.…