Chrome Extensions for Bug Bounty Hunters
1) Wappalyzer
2) Shodan
3) HackTools
4) Penetration Testing Kit
5) Mitaka
6) HackerTarget
7) Snov.io
8) Hunter - Email Finder Extension
9) EditThisCookie
10) User-Agent Switcher
11) d3coder
12) Trufflehog
13) DotGit
14) Retire.js
# https://securitytrails.com/blog/bug-bounty-hunting-browser-extensions
#chrome #extensions #bugbounty
1) Wappalyzer
2) Shodan
3) HackTools
4) Penetration Testing Kit
5) Mitaka
6) HackerTarget
7) Snov.io
8) Hunter - Email Finder Extension
9) EditThisCookie
10) User-Agent Switcher
11) d3coder
12) Trufflehog
13) DotGit
14) Retire.js
# https://securitytrails.com/blog/bug-bounty-hunting-browser-extensions
#chrome #extensions #bugbounty
👍1
Remotely Dumping Chrome Cookies
The method in this blog post does not require the remote debugger or Keychain (macOS)/DPAPI (Windows) access and applies to Chromium-based browsers in general
https://cedowens.medium.com/remotely-dumping-chrome-cookies-revisited-b25343257209
#chrome #cookie #dump #blog
The method in this blog post does not require the remote debugger or Keychain (macOS)/DPAPI (Windows) access and applies to Chromium-based browsers in general
https://cedowens.medium.com/remotely-dumping-chrome-cookies-revisited-b25343257209
#chrome #cookie #dump #blog
Medium
Remotely Dumping Chrome Cookies…Revisited
TL;DR Security researcher Ron Masas (twitter: @RonMasas) recently wrote a tool (chrome-bandit) that extracts saved password from…
This media is not supported in your browser
VIEW IN TELEGRAM
🔑 Extracting Credentials from Chrome Memory
An excellent study on how Chrome's memory works and how to extract credentials, cookies, etc. in а low privileges plain text format.
https://www.cyberark.com/resources/threat-research-blog/extracting-clear-text-credentials-directly-from-chromium-s-memory
#chrome #memory #dump #creds
An excellent study on how Chrome's memory works and how to extract credentials, cookies, etc. in а low privileges plain text format.
https://www.cyberark.com/resources/threat-research-blog/extracting-clear-text-credentials-directly-from-chromium-s-memory
#chrome #memory #dump #creds
👍10🔥5
APT
⚛️ Nuclei Templates AI Generator Nuclei Template Editor - AI-powered hub to create, debug, scan, and store templates. Covering a wide array of vulnerabilities using public templates & rich CVE data. 📝 Note: Current focus is HTTP, more protocols coming…
This media is not supported in your browser
VIEW IN TELEGRAM
⚛️ Nuclei AI — Browser Extension
Nuclei AI Browser Extension, built on top of cloud.projectdiscovery.io, simplifies the creation of vulnerability templates, by enabling users to extract vulnerability information from any webpages to quickly and efficiently create nuclei templates, saving valuable time and effort.
🚀 Features
— Context Menu Option to Generate Template
— HackerOne Report to Nuclei Template Generation
— ExploitDB exploit to Nuclei Template Generation
— BugCrowd / Intigriti / Synack support (Coming soon)
🔗 https://github.com/projectdiscovery/nuclei-ai-extension
#nuclei #template #generator #chrome #extension
Nuclei AI Browser Extension, built on top of cloud.projectdiscovery.io, simplifies the creation of vulnerability templates, by enabling users to extract vulnerability information from any webpages to quickly and efficiently create nuclei templates, saving valuable time and effort.
🚀 Features
— Context Menu Option to Generate Template
— HackerOne Report to Nuclei Template Generation
— ExploitDB exploit to Nuclei Template Generation
— BugCrowd / Intigriti / Synack support (Coming soon)
🔗 https://github.com/projectdiscovery/nuclei-ai-extension
#nuclei #template #generator #chrome #extension
🔥15❤3👍2
How to silently install any Chrome extension and avoid common indicators of compromise (IOCs). The method avoids using CLI parameters or registry edits, and persists via the Secure Preferences file
🔗 Source:
https://syntax-err0r.github.io/Silently_Install_Chrome_Extension.html
#chrome #persistence #maldev #c2
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥16👍2❤1
Introductory course on browser exploitation — not just covering individual JIT bugs, but a comprehensive dive into browser architecture, security layers, and principles of building exploit chains. The author demonstrates how to turn memory corruption into working exploits by analyzing a functional 3-stage chain for Chrome 130.
🔗 Source:
https://opzero.ru/en/press/101-chrome-exploitation-part-0-preface/
#chrome #v8 #sandbox #redteam
Please open Telegram to view this post
VIEW IN TELEGRAM
👍17❤4😱4🔥1