← LibraryTechnique entry
AUTH-COOKIE-DOMAINCredential Access
Cookie Domain / Path Confusion
Cookie set on .example.com is readable from any subdomain — combined with a controlled subdomain (XSS, takeover) it pivots to all sister apps.
§ Where this technique fits
AUTH-COOKIE-DOMAIN is catalogued under the Credential Access tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.