Click-Jack - Automatic tool to find Clickjacking Vulnerability in various Web applications

Prince Prafull

Last update: Jan 10, 2022

Related tags

Security related resources Click-Jack

Overview

CLICK-Jack

It is a automatic tool to find Clickjacking Vulnerability in various Web applications.

What is Clickjacking ?

Clickjacking, also known as a “UI redress attack”, is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top level page. Thus, the attacker is “hijacking” clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both. Reference

Installation:

git clone https://github.com/princep4/Click-Jack.git
cd Click-Jack
pip install -r requirements.txt

Example:

To run on list of domains use below command:

python3 clickjack.py 
   
    
or
python3 clickjack.py urls.txt

Benifits:

It will work for list of urls
Output the list of the vulnerable urls in seperate text file

Support ME:

An auxiliary tool for iot vulnerability hunter

firmeye - IoT固件漏洞挖掘工具 firmeye 是一个 IDA 插件，基于敏感函数参数回溯来辅助漏洞挖掘。我们知道，在固件漏洞挖掘中，从敏感/危险函数出发，寻找其参数来源，是一种很有效的漏洞挖掘方法，但程序中调用敏感函数的地方非常多，人工分析耗时费力，通过该插件，可以帮助排除大部分的安全

171 Nov 28, 2022

It's a simple tool for test vulnerability shellshock

Shellshock, also known as Bashdoor, is a family of security bugs in the Unix Bash shell, the first of which was disclosed on 24 September 2014. Shellshock could enable an attacker to cause Bash to execute arbitrary commands and gain unauthorized access to many Internet-facing services, such as web servers, that use Bash to process requests.

88 Dec 23, 2022

A fast tool to scan prototype pollution vulnerability

proto A fast tool to scan prototype pollution vulnerability Syntax python3 proto.py -l alive.txt Requirements Selenium Google Chrome Webdriver Note :

4 Aug 31, 2021

It's a simple tool for test vulnerability Apache Path Traversal

SimplesApachePathTraversal Simples Apache Path Traversal It's a simple tool for test vulnerability Apache Path Traversal https://blog.mrcl0wn.com/2021

56 Dec 27, 2022

Exploit tool for Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability

AdminerRead Exploit tool for Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability Installation git clone https://github.com/p0dalirius/AdminerRea

58 Dec 5, 2022

Multi-Process Vulnerability Tool

1 Dec 22, 2021

open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

CVE-2021-44228-log4jVulnScanner-metasploit open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability pre

7 Nov 9, 2022

Raphael is a vulnerability scanning tool based on Python3.

Raphael Raphael是一款基于Python3开发的插件式漏洞扫描工具。 Raphael is a vulnerability scanning too

5 Mar 21, 2022

😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

😭 WSOB (CVE-2022-29464) 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. CVE-2022-29464 details:

25 Oct 14, 2022

Owner

Prince Prafull

Cyber Security Enthusiast

GitHub

Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t

108 Dec 4, 2021

command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio

165 Dec 21, 2022

IP Denial of Service Vulnerability ")A proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability ")

CVE-2021-24086 This is a proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability "), a NULL dereference in tcpip.sys patc

1 Nov 25, 2021

Use FOFA automatic vulnerability scanning tool

AutoSRC Use FOFA automatic vulnerability scanning tool Usage python3 autosrc.py -e <FOFA EMAIL> -k <TOKEN> Screenshots License MIT Dev 6613GitHub6613

48 Oct 25, 2022

A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms.

MacPer A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms. Not all of the exploits directly sp

20 Nov 30, 2022

Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software in packages called containers However, 'security' is a top request on Docker's public roadmap This project aims at vulnerability check for such docker containers. New contributions are accepted

Docker-Vulnerability-Check Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software i

103 Aug 20, 2022

WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities

WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities Which is a great tool for web pentesters. Coded in python3, CLI. WebScan is capable of scanning and detecting sql injection vulnerabilities across HTTP and HTTP sites.

12 Dec 2, 2022

Click-Jack - Automatic tool to find Clickjacking Vulnerability in various Web applications

Related tags

Overview

CLICK-Jack

What is Clickjacking ?

Installation:

Example:

Benifits:

Support ME:

You might also like...

An auxiliary tool for iot vulnerability hunter

It's a simple tool for test vulnerability shellshock

A fast tool to scan prototype pollution vulnerability

It's a simple tool for test vulnerability Apache Path Traversal

Exploit tool for Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability

Multi-Process Vulnerability Tool

open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

Raphael is a vulnerability scanning tool based on Python3.

😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

Owner

Prince Prafull

Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

IP Denial of Service Vulnerability ")A proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability ")

Use FOFA automatic vulnerability scanning tool

A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms.

WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities

Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets.

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications