Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat.
-
Updated
Nov 5, 2020
Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat.
Performing TCP/IP exploits such as SYN Flooding, TCP RST attack on SSH and TLS connections, session hijacking, and revershell attacks
Limit the number of open sessions per users
XSS cookie stealer using a simple php script.
This repository contains a comprehensive analysis of the PandaBanker malware. The analysis includes examining various techniques employed by the malware such as API Hooking, Process Hijacking, and Memory Dumping. The investigation also involves practical steps using various tools to understand the malware's behavior and persistence mechanisms.
Python server captures inbound HTTP connections along with its respective cookies
KerioMaker (VPN Provider) Session Hijacker and upload to third-party site, You can convert this script into an executable file and send it to your target
Demo tool for hijacking TCP sessions
Notes & misc taken from Complete Ethical Hacking Bootcamp 2021: ZTM(ARCHIVED) and EC-Council's CodeRed
Demonstrating exploitation of missing HTTP cookie flags
A tiny flask app for helping pentesters and bug hunters in XSS, Session Hijacking, Session Riding and Cookie Thieve.
MySQLSessionHandler Class (PHP 7.1)
Powershell scripts for scanning ASP.NET apps
PHP Cookie Stealing Scripts for use in XSS
A Deliberately Insecure Web Application
Session Hijacking Visual Exploitation
Add a description, image, and links to the session-hijacking topic page so that developers can more easily learn about it.
To associate your repository with the session-hijacking topic, visit your repo's landing page and select "manage topics."