5ELG (I)/ Dealers wanna deal
In our previous post, we introduced 5ELG (https://github.com/jomoza/5ELG)This open-source project, with its modular “merca” (client-side) and “dealer” (server-side) components, offers a robust approach to tracking, data collection, and live monitoring, all within a customizable and scalable framework. Today, we’ll take a closer look at the full potential ..
Read moreBro5er dEaL finGerprinter, A Comprehensive Browser Fingerprinting Tool
Browser fingerprinting is a robust method for gathering detailed information about a user’s device, browser environment, and overall online behavior. With this data, websites and organizations can create a unique identifier for each user, even in scenarios where traditional tracking methods like cookies are ineffective. 5ELG - Bro5er dEaL finGerprinter is..
Read moreIntroduction to BeEF Automation with Discord Bots
BeEF: The Browser Exploitation FrameworkIntroductionBeEF (Browser Exploitation Framework) is a powerful tool used primarily by penetration testers and security researchers to assess the security posture of web browsers and the systems they interact with. By leveraging client-side attack vectors, BeEF allows for comprehensive testing and exploitation of br..
Read more
Weaponizing JavaScript II: Client-Side FUZZING
Client-Side Fuzzing: A JavaScript Approach for Web Vulnerability TestingClient-side fuzzing can be a fascinating approach to discovering web vulnerabilities by leveraging the browser’s capabilities to test for issues such as SQL Injection (SQLi) and Cross-Site Scripting (XSS). This post explores a JavaScript code snippet designed to perform fuzzing dire..
Read morePWN THIS CITY - I <3 MANA ATTACK
The MANA Attack: A Rogue Wi-Fi AdventureIntroductionIn the realm of Wi-Fi security, two intriguing attacks stand out: the MANA attack and the KARMA attack. Let’s delve into their mechanics and explore how the hostapd-mana tool enables these exploits. KARMA AttackThe KARMA attack exploits a behavior exhibited by some Wi-Fi devices, coupled with the absence ..
Read more
Weaponizing JavaScript: 🕵️ JSReciver v0.0
🕵️ JSReciver v0.0 - Intercepting the Web, One Request at a Time! 🕵️ https://github.com/jomoza/rejsciver Let’s talk about this GitHub project called JSReciver. This JavaScript script is a real game-changer when it comes to intercepting HTTP requests and doing some sneaky stuff. You won’t believe what this script can do! 🎯 What can JSReciver intercept?JSR..
Read more
How to track privacy lovers browser
Privacy Invasion Unleashed!Welcome, fellow wanderers of the digital realm! Today, we’re diving deep into the dark underbelly of the internet where privacy goes to die - browser tracking. Strap yourselves in, because we’re about to unveil the grim reality lurking beneath the surface. In the age of ubiquitous connectivity, our online activities are constantl..
Read more
You have been fingerprinted! And here a stupid explanation
let dealer_uri = "https://loveisinthe.net/dealer/dl.php"; let encodedPageHTML; let encodedImg; let fingerprint; let SHA256 = new Hashes.SHA256; function getGpuModel() { var canvas = document.createElement("canvas"); var gl = canvas.getContext("webgl") || canvas.getContext("experimental-webgl"); if (gl) { var gpuModel = gl.get..
Read more
MORE IN JS FINGERPRINT - FIRST 5ELG MENTION
Understanding Browser FingerprintingBrowser fingerprinting is a method used to track and identify unique visitors based on specific characteristics of their web browser and device. This technique gathers a diverse range of information about users’ browsers and devices, enabling websites to create a unique identifier, or fingerprint, without their explicit..
Read more
Stealing NTLN hashes with SourceMaps
Unfortunately for the version of myself writing this, this silly browser security finding that I released months ago is more than patched, so this post is just because I want to upload content to this blog and collect the mess of screenshots, written things and links that are my notes. With that being said, I want to show a proof of concept whereby you cou..
Read more