download clickjacking tool
Clickjacking or click hijacking is a type of attack in which attacker use transparent frame to trick a user to click on a link where user wants to click on another page while user wants to click on top level page. Read more in the older postAlthough it has been two years since the concept was first introduced, most websites still have not implemented effective protection against clickjacking. In part, this may be because of the difficulty of visualising how the technique works in practice.
I got a perfect tool for testing clickjacking. This new browser-based tool allows a user to experiment with clickjacking techniques by using point-and-click to visually select different elements within a webpage to be targeted. The tool also allows several 'next-generation' clickjacking techniques to be used, as introduced in Paul Stone's Blackhat Europe 2010 talk.
Features:
- Use point-and-click to select the areas of a page to be targeted
- Supports the new 'text-field injection' technique
- Supports the new 'content extraction' technique
- 'Visible mode' replay allowing a user to see how the technique works behind the science
- 'Hidden mode' replay allows the same steps to be replayed in a hidden manner, simulating a real clickjacking attack.
The tool is currently in an early beta stage, and works best in Firefox 3.6. Full support for other browsers will follow shortly. For further information, please see the Readme.txt file in the downloadable tool.
Read More:
Download Here:
http://www.contextis.co.uk/resources/tools/clickjacking-tool/cjtool.zip
0 comments:
Post a Comment