Topic: "html-smuggling"
abdulkadir-gungor/HtmlSmuggling
HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the payload on the targeted device when the victim opens/clicks the HTML attachment/link. The HTML smuggling technique leverages legitimate HTML5 and JavaScript features to hide malicious payloads and evade security detections. The HTML smuggling method is highly evasive. It could bypass standard perimeter security controls like web proxies and email gateways, which only check for suspicious attachments like EXE, DLL, ZIP, RAR, DOCX or PDF
Language: Python - Size: 15.6 KB - Last synced at: about 1 month ago - Pushed at: almost 3 years ago - Stars: 127 - Forks: 23
JumpsecLabs/WALK_WebAssembly_Lure_Krafter
A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims at aiding with initial access during red teams and phishing exercises leveraging WASM smuggling techniques.
Language: Rust - Size: 1.33 MB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 16 - Forks: 3
SecurityJosh/DownloadBlocker
A chrome extension which blocks downloads based on their file extension / origin. Can be used to prevent HTML Smuggling attacks.
Language: JavaScript - Size: 313 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 13 - Forks: 10
six-two/self-unzip.html
A tool to create self decompressing websites, that only need a browser to be opened
Language: Python - Size: 275 KB - Last synced at: 21 days ago - Pushed at: 3 months ago - Stars: 3 - Forks: 0
