fingerprintjs / external-protocol-flooding
Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing
☆644Updated 4 months ago
Related projects ⓘ
Alternatives and complementary repositories for external-protocol-flooding
- Surreptitiously exfiltrate data from the browser over DNS☆411Updated 4 years ago
- Using TLS 1.3 to evade censors, bypass network defenses, and blend in with the noise☆670Updated last year
- A demo for the no-JavaScript fingerprinting article☆508Updated 2 years ago
- Downloading images from the web is as easy as right clicking them and selecting "Save image as..", right? Well, not anymore xD☆343Updated 8 months ago
- Bundle web files into a single image☆1,275Updated last year
- Bypass Coudflare bot protection using Cloudflare Workers☆780Updated 3 years ago
- Start a local HTTP server without any tools, just open a web page.☆634Updated 3 years ago
- A tool for IDN homograph attacks and detection.☆731Updated 3 years ago
- The widget and docs for the proof of work challenge used in Friendly Captcha. Protect your websites and online services from spam and abu…☆414Updated 2 weeks ago
- Behave! A monitoring browser extension for pages acting as "bad boi"☆332Updated 4 years ago
- SSH-MITM - ssh audits made simple☆1,338Updated 2 months ago
- open source browser history page with analytics☆186Updated last year
- Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victi…☆1,454Updated 2 weeks ago
- Demo showcasing information leaks resulting from an IndexedDB same-origin policy violation in WebKit.☆101Updated last year
- Browser-based network scanner & local-IP detection☆431Updated 3 years ago
- Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)☆791Updated 9 months ago
- the JS/Node.JS library for encoding complex and unconventional data structures. Support for BigInts, TypedArrays, null, undefined, and Sy…☆200Updated last year
- Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.☆821Updated 3 years ago
- Browser extension to spoof timezone, geolocation, locale and user agent.☆1,820Updated last year
- ☆2,491Updated last year
- Data exfiltration over DNS request covert channel☆846Updated 6 months ago
- ☆1,115Updated 3 years ago
- NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim’s NAT/firewa…☆1,901Updated last year
- ☆1,232Updated last year
- ☆45Updated last year
- Showcasing what in-app browsers do under the hood☆471Updated 2 years ago
- Preimage attack against NeuralHash 💣☆670Updated last year
- A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:☆807Updated 6 months ago
- Bot detection library that runs in the browser. Detects automation tools and frameworks. No server required, runs 100% on the client. MIT…☆1,052Updated last week