XSS-keylogger – keylogging script that can be injected into websites vulnerable to cross-site scripting

free courses

A keylogging script that can be injected into websites vulnerable to cross-site scripting. The script tracks user keypresses by concatenating each keypress into a string that is POSTed to a server. The script can be found in file keylogscript.html and can be tested on file captainslog.html. The POST request is currently commented out, but if … Read more XSS-keylogger – keylogging script that can be injected into websites vulnerable to cross-site scripting

Play Music HTML5 Audio XSS Payload

XSS Payload

Play Music HTML5 Audio XSS Payload The script below allows you to share your favorite mp3 through your target browser. Let’s assume the XSS payload was injected into a web page that supports unrestricted HTML an mp3 audio file would then play to the visitors of the compromised web page. if(document.getElementById(‘xss_audio’) == null ) { … Read more Play Music HTML5 Audio XSS Payload

TP-Link router brute force XSS Payload

  TP-Link router brute force XSS Payload Based on the WebRTC mechanism to gather IP addresses, this script attempts to perform a dictionnary attack against TP-Link routers login and password. It just requires to define a more realistic dictionary. Payload Author: Kamil Vavra [php]function detectFirefox() { if (navigator.userAgent.toLowerCase().indexOf(‘firefox’) > -1) { //Do Firefox-related activities getLocalIP(); … Read more TP-Link router brute force XSS Payload

Subscribe to our mailing list.

yoast seo premium free