lcatro / cross_domain_postmessage_vuln_dig
WEB 跨域postMessage() 漏洞挖掘工具,基本原理:使用AJAX 获取页面代码,结合iframe 和data 协议构造测试环境,然后在iframe 下的window.onmessage 中插入hook 监控onmessage 的参数,最后通过能否被原来的onmessage 逻辑引用参数中的data 属性来判断是否可以跨域传递数据..
☆11Updated 8 years ago
Alternatives and similar repositories for cross_domain_postmessage_vuln_dig:
Users that are interested in cross_domain_postmessage_vuln_dig are comparing it to the libraries listed below
- 分布式的sqlmapapi☆11Updated 8 years ago
- Eagle is a Web Application Attack and Audit Framework. Eagle has moved to Bitbucket.☆11Updated 8 years ago
- ☆14Updated 6 years ago
- Penetration Test Framwork☆22Updated 6 years ago
- Struts2 Vuls Scanner base perl script☆22Updated 9 years ago
- DNS log http://zone.wooyun.org/content/27119☆21Updated 8 years ago
- Automatic detection of security holes☆8Updated 2 years ago
- 这里会收集各种类型的CVE PoC 和EXP ,仅用来学习漏洞挖掘相关技术..☆31Updated 8 years ago
- ☆11Updated 8 years ago
- XSS hunter 收集Webview 页面上存在的反射,储存型XSS ,方便应急APP 和前端页面在发布时遇到XSS 安全问题..☆42Updated 8 years ago
- 通用的POC检测框架,有足够的POC,就可以找出相应的漏洞☆44Updated 8 years ago
- safe_tools☆26Updated 7 years ago
- S2-055的环境,基于rest-show-case改造☆37Updated 7 years ago
- 一些漏洞场景的还原,基于https://www.exploit-db.com/☆36Updated 7 years ago
- Xss Scaner☆40Updated 11 years ago
- 一个监控 pastebin 的敏感内容,并发微博的 bot☆15Updated 7 years ago
- Sniffer vulnerabilities in http request (chrome extension)☆21Updated 8 years ago
- subdomain、port、folder scanner☆26Updated 9 years ago
- cloudsafe 云安全扫描☆23Updated 11 years ago
- 针对PHP网马的正则查杀☆12Updated 7 years ago
- Keyboard Weak Password☆28Updated 9 years ago
- 一款Python 3编写的Struts2安全检测集成工具☆35Updated 8 years ago
- ☆18Updated 7 years ago
- 分布式扫描框架☆61Updated 9 years ago
- Enterprise Security Response Center Development Framework☆11Updated 8 years ago
- ☆17Updated 7 years ago
- Zabbix Jsrpc.php Injection Exploit☆25Updated 8 years ago
- 各种漏洞poc、Exp的收集或编写☆18Updated 8 years ago
- 基于Linux c开发的插件式扫描器(Python/lua)☆35Updated 9 years ago
- It is a Python+Perl script to exploit ASP.net Padding Oracle vulnerability.☆19Updated 8 years ago