Moein Erfanian electro0nes
electro0nes
/ csrf_multiple_post.html
Created
July 6, 2025 23:10
— forked from MEY-D/csrf_multiple_post.html
CSRF Multiple POST requests
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <body> | |
| <button onclick="run()">Click</button> | |
| <script> | |
| function addInput(form, paramString) { | |
| paramString.split("&").forEach(pair => { | |
| const [name, value] = pair.split("="); | |
| form.appendChild(Object.assign(document.createElement("input"), { |
electro0nes
/ hook.js
Created
July 5, 2025 17:38
logs all URLs loaded and requested on any webpage in real-time, displaying them in a neat bottom panel!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| javascript:(()=>{if(window.__urlHookInjected)return;window.__urlHookInjected=!0;const t=/https?:\/\/[^\s"%27<>]+/gi,e=new Set,o=o=>{const c=o.match(t);c&&c.forEach((t=>{e.has(t)||(e.add(t),function(t){const e=document.createElement("div");e.textContent=t,n.appendChild(e),n.scrollTop=n.scrollHeight}(t),console.log(`[URL Hook] ${o}`))}))},n=document.createElement("div");n.style.position="fixed",n.style.bottom="0",n.style.left="0",n.style.width="100%",n.style.maxHeight="150px",n.style.overflowY="auto",n.style.backgroundColor="rgba(0,0,0,0.85)",n.style.color="lime",n.style.fontFamily="monospace",n.style.fontSize="12px",n.style.zIndex="9999999999",n.style.padding="5px 10px",n.style.borderTop="3px solid lime",n.innerHTML="<strong>URL Hook Panel</strong><br>",document.body.appendChild(n);const c=XMLHttpRequest.prototype.open;XMLHttpRequest.prototype.open=function(t,e){return o(`[XHR] ${t}: ${e}`),c.apply(this,arguments)};const r=window.fetch;window.fetch=function(t,e){const n="string"==typeof t?t:t&&t.url;return n&& |