all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post Exploitation Implant To Monitor Users As They Use The Targeted Application

Add to bookmarks
May 4, 2024, 12:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients.


Changelogs

Major changes are documented in the project Announcements:
https://github.com/hoodoer/JS-Tap/discussions/categories/announcements

Demo

You can read the original blog post about JS-Tap here:
javascript-for-red-teams">https://trustedsec.com/blog/js-tap-weaponizing-javascript-for-red-teams

Short demo from ShmooCon of JS-Tap version 1:
https://youtu.be/IDLMMiqV6ss?si=XunvnVarqSIjx_x0&t=19814

Demo of JS-Tap version 2 at HackSpaceCon, including C2 and how …

js-tap multithreaded taken traffic useless vps xss

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

Reaper - Proof Of Concept On BYOVD Attack 20 hours ago | www.kitploit.com
actions attack attackers bring your own vulnerable driver +15
Ars0N-Framework - A Modern Framework For Bug Bounty Hunting 1 day, 20 hours ago | www.kitploit.com
ars0n-framework shuffledns subdomain subdomains +6
Headerpwn - A Fuzzer For Finding Anomalies And Analyzing How Servers Respond To Different HTTP … 2 days, 20 hours ago | www.kitploit.com
burp fuzzer headerpwn headers +2
LDAPWordlistHarvester - A Tool To Generate A Wordlist From The Information Present In LDAP, In … 3 days, 20 hours ago | www.kitploit.com
accounts active directory crack domain +13
Pyrit - The Famous WPA Precomputed Cracker 4 days, 20 hours ago | www.kitploit.com
packet pyrit python2 python3 +4
SherlockChain - A Streamlined AI Analysis Framework For Solidity, Vyper And Plutus Contracts 5 days, 20 hours ago | www.kitploit.com
ai scan erc20 hacking tools etherium sherlockchain +2
Domainim - A Fast And Comprehensive Tool For Organizational Network Scanning 6 days, 20 hours ago | www.kitploit.com
bruteforcing current dns domain +20
JA4+ - Suite Of Network Fingerprinting Standards 1 week ago | www.kitploit.com
cybersecurity golang ja3 ja3 fingerprint +7
PoolParty - A Set Of Fully-Undetectable Process Injection Techniques Abusing Windows Thread Pools 1 week, 1 day ago | www.kitploit.com
abusing black hat collection injection +10

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com