Session Hijacking Visual Exploitation

A Deliberately Insecure Web Application

PHP Cookie Stealing Scripts for use in XSS

Powershell scripts for scanning ASP.NET apps

A tiny flask app for helping pentesters and bug hunters in XSS, Session Hijacking, Session Riding and Cookie Thieve.

MySQLSessionHandler Class (PHP 7.1)

The Device Fingerprint Generator is a web-based tool that uniquely identifies devices based on various browser and system attributes. By leveraging JavaScript and web APIs, it creates a consistent fingerprint that can be used for analytics, fraud prevention, and security purposes.

Demo tool for hijacking TCP sessions

Demonstrating exploitation of missing HTTP cookie flags

Notes & misc taken from Complete Ethical Hacking Bootcamp 2021: ZTM(ARCHIVED) and EC-Council's CodeRed

CyberX-AI-Digital-Twin is an AI-powered cybersecurity platform that uses digital twin technology to simulate, detect, and analyze cyber threats in a safe, isolated environment. Ideal for researchers, developers, and educators to test and enhance network security.

경찰청 자문을 위해 진행한 프로젝트

Python server captures inbound HTTP connections along with its respective cookies

KerioMaker (VPN Provider) Session Hijacker and upload to third-party site, You can convert this script into an executable file and send it to your target

Brave Browser cookie-stealer for generic Linux/Unix environments

Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat.

HTTP Session Security for Laravel

A part of Hijack Challenge from Tryhackme

Performing TCP/IP exploits such as SYN Flooding, TCP RST attack on SSH and TLS connections, session hijacking, and revershell attacks