Sniffly2 - Sniffing Browser History Using HSTS
Sniffly2 is a variant of Sniffly which abuses HTTP Strict Transport Security headers and the Performance Timing API in order to sniff your browsing history in Chromium-based browsers.
Demo
Visit http://diracdeltas.github.io/sniffly in Chrome/Chromium/Brave/etc. with HTTPS Everywhere disabled.
Caveats:
- does not work on mobile or Firefox
- does not work over HTTPS due to mixed content blocking.
- adblockers may taint results
You might also like:
- 14 Best IP Hide Tools 2020
- Srm - Command-line Tool For Deleting Files Permanently
- CIAT - Crypto Implementations Analysis Toolkit
- fwknop - Single Packet Authorization
- Proxyp - Multithreaded Proxy Enumeration Utility
- PeStudio - Malware Initial Assessment Tool
- Hasher - Tool For Creating & Comparing Hashes
- NIELD - Network Interface Events Logging Daemon
- IgorWare Hasher - Tool For Verifying The Integrity Of Downloaded Files
- BlackArch Linux - Penetration Testing Distribution
- AIEngine - An Artificial Intelligent Intrusion Detection System Engine
- GDB - The GNU Project Debugger
- XSSless - An Automated XSS Payload Generator
- Malheur - Tool For Malware Analysis
- dotDefender - Web Application Firewall
- DirBuster - File & Directory Brute Forcing Tool
- FoxAnalysis - Firefox Internet History Analysis Tool
- DAVOSET - Tool For Performing DDoS Attacks Via Other Sites
- Router Password Kracker - Tool For Cracking Router/Modem/Website Passwords
- Memoryze - Memory Forensics Tool
- Xplico - Network Forensic Analysis Tool
Post a Comment