GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → compewter → whoof

compewter / whoof

Licence: BSD-3-Clause License
Web Browser Hooking Framework. Manage, execute and assess web browser vulnerabilities

Programming Languages

javascript
184084 projects - #8 most used programming language
CSS
56736 projects
HTML
75241 projects

Labels

nodejssecurityframeworkbrowserwebappsechooking

Projects that are alternatives of or similar to whoof

appsec-education
Presentations, training modules, and other education materials from Duo Security's Application Security team.
Stars: ✭ 59 (+145.83%)
Mutual labels:  appsec
www-project-vulnerable-web-applications-directory
The OWASP Vulnerable Web Applications Directory (VWAD) Project - OWASP Web Site
Stars: ✭ 10 (-58.33%)
Mutual labels:  appsec
RenHook
An open-source x86 / x86-64 hooking library for Windows.
Stars: ✭ 80 (+233.33%)
Mutual labels:  hooking
edge
Application-embedded connectivity and zero-trust components
Stars: ✭ 44 (+83.33%)
Mutual labels:  appsec
RedditVanced
Reddit Android app mod inspired by Aliucord
Stars: ✭ 41 (+70.83%)
Mutual labels:  hooking
threatmodel-sdk
A Java library for parsing and programmatically using threat models
Stars: ✭ 68 (+183.33%)
Mutual labels:  appsec
embeddedappsec
Embedded AppSec Best Practices
Stars: ✭ 38 (+58.33%)
Mutual labels:  appsec
SnifferIH
DLL Hooking Packet Sniffer
Stars: ✭ 15 (-37.5%)
Mutual labels:  hooking
nerdbug
Full Nuclei automation script with logic explanation.
Stars: ✭ 153 (+537.5%)
Mutual labels:  appsec
Simplified-JNA
Multi-threaded JNA hooks and simplified library access to window/key/mouse functions.
Stars: ✭ 30 (+25%)
Mutual labels:  hooking
dll injector
A simple commandline injector using classic DLL injection
Stars: ✭ 81 (+237.5%)
Mutual labels:  hooking
MinHook.NET
A C# port of the MinHook API hooking library
Stars: ✭ 128 (+433.33%)
Mutual labels:  hooking
dependency-check-plugin
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (+345.83%)
Mutual labels:  appsec
nodejssecurity
Documentation for Essential Node.js Security
Stars: ✭ 64 (+166.67%)
Mutual labels:  appsec
vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+2708.33%)
Mutual labels:  appsec
hook-any-text
The goal of this project is to provide an alternative to well established text hookers, whose features are restrained to a certain number of game engines and emulators.
Stars: ✭ 51 (+112.5%)
Mutual labels:  hooking
hookey
Enables all the DLCs. Like Creamapi but just for linux and a subset of Paradox games.
Stars: ✭ 87 (+262.5%)
Mutual labels:  hooking
sqlinjection-training-app
A simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (+133.33%)
Mutual labels:  appsec
ObsidianSailboat
Nmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (+50%)
Mutual labels:  appsec
singlefile
featured cs:go internal hack, one file and less than 1000 lines.
Stars: ✭ 47 (+95.83%)
Mutual labels:  hooking
View All Similar Projects ➔

whoof (Web-Browser Hooking Framework)

whoof is an early stage lightweight web browser hooking framework. A web browser hook can be thought of as a backdoor in a web page allowing an attacker to execute commands in the page with or without the visitor noticing. whoof is a web application security tool to manage, execute and assess web browser vulnerabilities.

whoof uses Node/Express server-side, with React/Redux on the client-side.

Hooked browsers are managed via WebSockets.

ss

Check out the wiki for details on features and getting started.

Features

Custom Attacks

Use the attack builder to construct custom attacks on the fly.

screenshot

Execute Arbitrary Commands with the Terminal

Use the terminal to execute arbitrary commands or retrieve data from hooked pages. ss

Easily import/export attacks

One click download an exported attack which can easily be imported in the admin web app.

This repo was built off of and ejected from Facebook's create-react-app

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].