Malicious Chrome extension – GitHub.com Account takeover PoC



DISCLAIMER:
This is for educational purposes only. Do NOT use this extension for any other purpose.

This is a demo of how dangerous Chrome/Chromium extensions can be… It’s based on the work of Matt Frisbie:
– GitHub profile: https://github.com/msfrisbie
– Matt Frisbie's website: https://www.mattfriz.com
– Source code for the extension: https://github.com/msfrisbie/spy-extension

This demo shows how an extension can capture a user's cookies, and how those cookies can then be imported into another browser to perform an account takeover attack, in this case against GitHub.com.
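
A defender-side check for the risk this demo illustrates, as an added example that is not part of the original page or of the spy-extension code: it inspects the contents of an extension's manifest.json and reports whether the `cookies` API permission is combined with host access that covers github.com. The function names, risk labels and sample manifests are assumptions constructed for illustration.

```javascript
// Added example: audit extension manifests for cookie access to a given host.
// chrome.cookies needs the "cookies" permission AND host access for the site.

// Does a Chrome match pattern (e.g. "https://*.github.com/*") cover https://<host>/ ?
function patternCoversHost(pattern, host) {
  if (pattern === "<all_urls>") return true;
  const m = /^([a-z*]+):\/\/([^/]*)\/.*$/.exec(pattern);
  if (!m) return false;                          // API permission such as "tabs"
  const [, scheme, patHost] = m;
  if (scheme !== "*" && scheme !== "https") return false;
  if (patHost === "*") return true;              // any host
  if (patHost.startsWith("*.")) {                // base domain and all subdomains
    const base = patHost.slice(2);
    return host === base || host.endsWith("." + base);
  }
  return patHost === host;
}

// Returns risk "high" (granted at install), "review" (obtainable through
// optional permissions) or "none" for one parsed manifest.json object.
function auditManifest(manifest, host) {
  const asList = (v) => (Array.isArray(v) ? v : []);
  // Manifest V2 keeps host patterns in "permissions"; V3 uses "host_permissions".
  const granted = [...asList(manifest.permissions), ...asList(manifest.host_permissions)];
  const optional = [...asList(manifest.optional_permissions),
                    ...asList(manifest.optional_host_permissions)];
  const all = [...granted, ...optional];
  const hostPatterns = all.filter((p) => patternCoversHost(p, host));
  let risk = "none";
  if (all.includes("cookies") && hostPatterns.length > 0) {
    const atInstall = granted.includes("cookies") &&
                      granted.some((p) => patternCoversHost(p, host));
    risk = atInstall ? "high" : "review";
  }
  return { name: manifest.name, risk, hostPatterns };
}

// Constructed sample manifests (not taken from any real extension).
const SAMPLE_MANIFESTS = [
  { name: "Broad cookie reader", manifest_version: 3,
    permissions: ["cookies", "storage"], host_permissions: ["<all_urls>"] },
  { name: "GitHub helper", manifest_version: 2,
    permissions: ["cookies", "https://*.github.com/*"] },
  { name: "Deferred access", manifest_version: 3, permissions: ["storage"],
    optional_permissions: ["cookies"], optional_host_permissions: ["*://*/*"] },
  { name: "Unrelated site", manifest_version: 3,
    permissions: ["cookies"], host_permissions: ["https://example.org/*"] },
];

const auditAll = (manifests, host) => manifests.map((m) => auditManifest(m, host));
console.log(auditAll(SAMPLE_MANIFESTS, "github.com"));
```
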