I hereby claim:
- I am jakekarnes42 on github.
- I am jakekarnes (https://keybase.io/jakekarnes) on keybase.
- I have a public key ASCRTEY9DgdyMbIG7PHshYfpHvzbpTh_iv5IFqJtrGxZPQo
To claim this, I am signing this object:
Jake Karnes jakekarnes42
jakekarnes42
/ clickjack_template.html
Last active
November 1, 2019 21:04
PoC to show a site could be embedded in an iFrame
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- Replace the iFrame source with victim URL--> | |
| <html> | |
| <style> | |
| iframe { | |
| width:1000px; | |
| height:500px; | |
| top:0; left:0; | |
| border: 10px solid black; | |
| } | |
| </style> |
jakekarnes42
/ csrf_json_simple.html
Created
August 7, 2019 23:07
CSRF PoC HTML for POSTing JSON values
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- | |
| PoC only. Useful for CSRF involving JSON values. Must actually click button to submit. | |
| Submits a request that looks like the following: | |
| POST /oneliner/ws/vulnerable/oneliners HTTP/1.1 | |
| Host: local.1-liner.org | |
| User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0 |
jakekarnes42
/ keybase.md
Created
November 30, 2016 00:18
NewerOlder