xsshunter icon indicating copy to clipboard operation
xsshunter copied to clipboard

Published 20 hours ago verified publisher icon mandatoryprogrammer

Window Redress

Open Miserlou opened this issue 9 years ago • 2 comments

This one, combined with #12 , is a really big one. Replace the current DOM content with the contents of another page and change the URL bar's contents and favicon. That way, you can replace the contents of '/dash' with the contents of '/login' and capture the resulting keystrokes. This is why XSS still rules.

Again, source example: https://github.com/Miserlou/XSS-Harvest

Miserlou avatar Oct 22 '16 23:10 Miserlou

There is a new version of XSS Hunter (e.g. v2) actively being developed which will actually have a module system for adding modules such as this. Stay tuned!

mandatoryprogrammer avatar Nov 11 '16 03:11 mandatoryprogrammer

Can't wait :)

thryb avatar Dec 15 '16 15:12 thryb