> ## Documentation Index
> Fetch the complete documentation index at: https://rootea.es/llms.txt
> Use this file to discover all available pages before exploring further.

# Session Forensics

> Analyse sessions and tokens for web application investigations.

# Session Forensics

<p className="machine-summary"><span className="prompt"><code>\$ tldr</code></span> TryHackMe · Walkthrough · Medium</p>

<div className="machine-meta">
  | ·             | ·                                                   |
  | ------------- | --------------------------------------------------- |
  | Platform      | TryHackMe                                           |
  | Type          | Walkthrough                                         |
  | Difficulty    | <span className="dbadge dbadge-easy">MEDIUM</span>  |
  | Access        | 🟢 Free                                             |
  | Average time  | 60 min                                              |
  | Users         | 4.229                                               |
  | Official room | [Open](https://tryhackme.com/room/sessionforensics) |
</div>

## Description

Analyse sessions and tokens for web application investigations.

## Solve the room

| Language | Author        | Format      | Link                                                |
| -------- | ------------- | ----------- | --------------------------------------------------- |
| 🇬🇧 EN  | **TryHackMe** | Lab oficial | [Open](https://tryhackme.com/room/sessionforensics) |

## Resources by skill

| Skill         | Source     | Link                                                                                    |
| ------------- | ---------- | --------------------------------------------------------------------------------------- |
| USB forensics | HackTricks | [Open](https://book.hacktricks.wiki/en/forensics/basic-forensic-methodology/index.html) |

## Related skills

[USB forensics](/en/skills/usb-forensics)

***

## Comments & tips

Solved this room a different way? Share it here — comments live in [GitHub Discussions](https://github.com/FFuson/HTB_Writeups/discussions).

<div className="rootea-giscus-wrap" data-giscus-term="thm:tryhackme-sessionforensics" data-giscus-lang="en" />

*Last updated: 2026-05-09*

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"TechArticle","name":"Session Forensics","headline":"Session Forensics — TryHackMe room index","url":"https://rootea.es/en/tryhackme/rooms/sessionforensics","inLanguage":"en","about":[{"@type":"Thing","name":"TryHackMe"},{"@type":"Thing","name":"Walkthrough"}],"isPartOf":{"@type":"WebSite","name":"rootea.es","url":"https://rootea.es"},"author":{"@type":"Organization","name":"rootea.es"}}`}
</script>
