all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

WebView2-Cookie-Stealer - Attacking With WebView2 Applications

Add to bookmarks
July 12, 2022, 12:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


Please read this blog post to get more information.

Source Code

This code is a modified version of Microsoft's WebView2 Code. The current code can be cleaned up and made much better.


Demo

Launch Example



Usage Example



Usage

Tested on Windows 10 & 11.

When the binary is executed https://office.com/login is loaded up. A JavaScript keylogger is injected into every page and keystrokes are sent to http://127.0.0.1:8080. Furthermore, upon the user successfully authenticating the cookies for login.microsoftonline.com are base64-encoded …

applications cookie stealer webview2 windows windows 10

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

Vger - An Interactive CLI Application For Interacting With Authenticated Jupyter Instances 10 hours ago | www.kitploit.com
aisecurity application can cli +19
Drs-Malware-Scan - Perform File-Based Malware Scan On Your On-Prem Servers With AWS 1 day, 10 hours ago | www.kitploit.com
aws guardduty disaster recovery drs-malware-scan ransomware prevention
JAW - A Graph-based Security Analysis Framework For Client-side JavaScript 2 days, 10 hours ago | www.kitploit.com
client-side jaw property graph static analysis +3
Linux-Smart-Enumeration - Linux Enumeration Tool For Pentesting And CTFs With Verbosity Levels 2 days, 22 hours ago | www.kitploit.com
ctfs hackthebox linux enumeration linux-smart-enumeration +3
ShellSweep - PowerShell/Python/Lua Tool Designed To Detect Potential Webshell Files In A Specified Directory 4 days, 10 hours ago | www.kitploit.com
Invoke-SessionHunter - Retrieve And Display Information About Active User Sessions On Remote Computers (No Admin … 5 days, 10 hours ago | www.kitploit.com
credentials invoke-sessionhunter localhost registry +1
Subhunter - A Fast Subdomain Takeover Tool 6 days, 10 hours ago | www.kitploit.com
bugbounty bug bounty tools pentesting security tools +3
Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework 6 days, 21 hours ago | www.kitploit.com
hakuin injection metadata mssql +6
BypassFuzzer - Fuzz 401/403/404 Pages For Bypasses 1 week, 1 day ago | www.kitploit.com
403 bypass 403 forbidden bugbounty bypassfuzzer +5

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Incident Response Lead(IR)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Comcast Cybersecurity: Privacy Operations Executive Director

@ Comcast | PA - Philadelphia, 1701 John F Kennedy Blvd
View on infosec-jobs.com