# Cookie Bomb

A cookie bomb aims to adding a large number of big cookies to a user for a domain and its subdomains. As a result, a user will send very huge requests to a server (due to the big cookies) that a server will refuse. Therefore, it will cause a client-side DoS in that domains and subdomains.

## References

* [HackTricks: Cookie Bomb](https://book.hacktricks.xyz/pentesting-web/hacking-with-cookies/cookie-bomb)
* [Report: DOM based cookie bomb](https://hackerone.com/reports/57356)
* [Slides: The Cookie Monster in Your Browsers - Cookie Bomb](https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers?slide=26)