Proof of concepts

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

Image courtesy of Hackaday

Contents

.
├── CSRF
│   └── csrf_no_redirect.html
├── LICENSE
├── Open redirect
│   ├── open_redirect_referrer.html
│   └── open_redirect_sign_in_form.md
├── Other
│   ├── reverse_tabnabbing.html
│   └── subdomain_takeover.html
├── README.md
└── XSS
    ├── pastejacking_reflected_xss_payload.html
    ├── xss_hidden_input.html
    └── xss_password_manager_form.html

Setup

Clone this repository to a website you use for testing purposes, publish everything, and you will be able to use all of the proof of concepts under the /proof-of-concepts/ directory (e.g. http://example.com/proof-of-concepts/pastejacking_reflected_xss_payload.html).

$ git clone https://github.com/EdOverflow/proof-of-concepts.git

⚠ Legal Disclaimer

This project is made for educational and ethical testing purposes only. Usage any of the proof of concepts found in this repository for attacking targets without prior mutual consent is illegal. Developers assume no liability and are not responsible for any misuse or damage caused by these proof of concepts.

Contributing

Do you have a fun, creative and convincing proof of concept? Please feel free to submit a pull request and we will add it to this repository.

Using the issue tracker 💡

The issue tracker is the preferred channel for bug reports and features requests.

Issues and labels 🏷

The bug tracker utilizes several labels to help organize and identify issues.

Guidelines for bug reports 🐛

Use the GitHub issue search — check if the issue has already been reported.