CookieCatcher – Tool to assist in the exploitation of XSS

CookieCatcher is an open source application which was created to assist in the exploitation of XSS (Cross Site Scripting) vulnerabilities within web applications to steal user session IDs (aka Session Hijacking). The use of this application is purely educational and should not be used without proper permission from the target application.For more information on XSS visit the following link: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)For more information on Session Hijacking visit the following link: https://www.owasp.org/index.php/Session_hijacking_attackFeaturesPrebuilt payloads to steal cookie dataJust copy and paste payload into a XSS vulnerabilityWill send email notification when new cookies are stolenWill attempt to refresh cookies every 3 minutes to avoid inactivity timeoutsProvides full HTTP requests to hijack sessions through a proxy (BuRP, etc)Will attempt to load a preview when viewing the cookie dataPAYLOADSBasic AJAX AttackHTTPONLY evasion for Apache CVE-20120053More to comeRequirementsCookieCatcher is built for a LAMP stack running the following:PHP 5.x.xPHP-cURLMySQLLynx & crontabInstallationDownload the source from github git clone https://github.com/DisK0nn3cT/CookieCatcher.git or use the ZIP file and extract it on your server.Setup the directory as a virtualhost in Apache (I won’t go over these details, however, you may ask me via email or you can use google.)Create a database for the application and load the SETUP.sql file.Setup a cron job as shown in the SETUP.cron file.DEMOA live demo of the application can be viewed at http://m19.us. Small domain names are recommended to cut down on the character space needed for the payloads.Credits@disk0nn3ct – Author danny.chrastil@gmail.comDownload CookieCatcher

Link: http://feedproxy.google.com/~r/PentestTools/~3/nA3eOldWLlE/cookiecatcher-tool-to-assist-in.html

Clustering and Dimensionality Reduction: Understanding the “Magic” Behind Machine Learning

These days we hear about machine learning and artificial intelligence (AI) in all aspects of life. We see machines that learn and imitate the human brain in order to automate human processes. There are autonomous cars that learn the road conditions to drive, personal assistants we can converse with and machines that can predict what […]

Link: http://feedproxy.google.com/~r/Imperviews/~3/w4WLOaKLeZo/