Awesome
Proof of concepts
A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Image courtesy of Hackaday
<a href="https://www.buymeacoffee.com/edoverflow" target="_blank"><img src="https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png" alt="Buy Me A Coffee" style="height: auto !important;width: auto !important;" ></a>
Contents
.
├── CSRF
│ └── csrf_no_redirect.html
├── LICENSE
├── Open redirect
│ ├── open_redirect_referrer.html
│ └── open_redirect_sign_in_form.md
├── Other
│ ├── reverse_tabnabbing.html
│ └── subdomain_takeover.html
├── README.md
└── XSS
├── pastejacking_reflected_xss_payload.html
├── xss_hidden_input.html
└── xss_password_manager_form.html
Setup
Clone this repository to a website you use for testing purposes, publish everything, and you will be able to use all of the proof of concepts under the /proof-of-concepts/
directory (e.g. http://example.com/proof-of-concepts/pastejacking_reflected_xss_payload.html
).
$ git clone https://github.com/EdOverflow/proof-of-concepts.git
⚠ Legal Disclaimer
This project is made for educational and ethical testing purposes only. Usage any of the proof of concepts found in this repository for attacking targets without prior mutual consent is illegal. Developers assume no liability and are not responsible for any misuse or damage caused by these proof of concepts.
Contributing
Do you have a fun, creative and convincing proof of concept? Please feel free to submit a pull request and we will add it to this repository.
Using the issue tracker 💡
The issue tracker is the preferred channel for bug reports and features requests.
Issues and labels 🏷
The bug tracker utilizes several labels to help organize and identify issues.
Guidelines for bug reports 🐛
Use the GitHub issue search — check if the issue has already been reported.