j0moz4@LIITN:/web:$'s blog

h0me

c0nt3nt

ad/lab-(bleach.local)

w4ke-up-s4mura1

komm4nds-ch347-sheet

w3b-rek0n-cheat-sh337

h4cking-t00ls

de4l3r

loading..

Introduction to BeEF Automation with Discord Bots

BeEF: The Browser Exploitation FrameworkIntroductionBeEF (Browser Exploitation Framework) is a powerful tool used primarily by penetration testers and security researchers to assess the security posture of web browsers and the systems they interact with. By leveraging client-side attack vectors, BeEF allows for comprehensive testing and exploitation of br..

Read more
loading..

Weaponizing JavaScript II: Client-Side FUZZING

Client-Side Fuzzing: A JavaScript Approach for Web Vulnerability TestingClient-side fuzzing can be a fascinating approach to discovering web vulnerabilities by leveraging the browser’s capabilities to test for issues such as SQL Injection (SQLi) and Cross-Site Scripting (XSS). This post explores a JavaScript code snippet designed to perform fuzzing dire..

Read more

PWN THIS CITY - I <3 MANA ATTACK

The MANA Attack: A Rogue Wi-Fi AdventureIntroductionIn the realm of Wi-Fi security, two intriguing attacks stand out: the MANA attack and the KARMA attack. Let’s delve into their mechanics and explore how the hostapd-mana tool enables these exploits. KARMA AttackThe KARMA attack exploits a behavior exhibited by some Wi-Fi devices, coupled with the absence ..

Read more
loading..

How to track privacy lovers browser

Privacy Invasion Unleashed!Welcome, fellow wanderers of the digital realm! Today, we’re diving deep into the dark underbelly of the internet where privacy goes to die - browser tracking. Strap yourselves in, because we’re about to unveil the grim reality lurking beneath the surface. In the age of ubiquitous connectivity, our online activities are constantl..

Read more
loading..

You have been fingerprinted! And here a stupid explanation

let dealer_uri = "https://loveisinthe.net/dealer/dl.php"; let encodedPageHTML; let encodedImg; let fingerprint; let SHA256 = new Hashes.SHA256; function getGpuModel() { var canvas = document.createElement("canvas"); var gl = canvas.getContext("webgl") || canvas.getContext("experimental-webgl"); if (gl) { var gpuModel = gl.get..

Read more
loading..

MORE IN JS FINGERPRINT - FIRST 5ELG MENTION

Understanding Browser FingerprintingBrowser fingerprinting is a method used to track and identify unique visitors based on specific characteristics of their web browser and device. This technique gathers a diverse range of information about users’ browsers and devices, enabling websites to create a unique identifier, or fingerprint, without their explicit..

Read more
loading..

Stealing NTLN hashes with SourceMaps

Unfortunately for the version of myself writing this, this silly browser security finding that I released months ago is more than patched, so this post is just because I want to upload content to this blog and collect the mess of screenshots, written things and links that are my notes. With that being said, I want to show a proof of concept whereby you cou..

Read more

Men In The Middle Attack Basics

A man-in-the-middle (MITM) attack intercepts and manipulates communication between two parties. The attacker acts as a “middleman” and can alter or view the communication as it passes through, without the parties being aware of the interception. MITM attacks can be carried out using a variety of protocols, including: HTTP: MITM attacks can be carried out ..

Read more
loading..
csh, javascript, pentesting

Cl13nt SId3 H4cKing Introduction

In this article we will introduce some basic concepts to understand the hacking techniques used against browsers focused on their “Client-Side”. JavaScript is a programming language that is commonly used in web development. It is a client-side scripting language, which means that it is executed by the user’s web browser rather than on a server. JavaScript..

Read more
12