Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/anttiviljami/browser-autofill-phishing
A simple demo of phishing by abusing the browser autofill feature
https://github.com/anttiviljami/browser-autofill-phishing
Last synced: 6 days ago
JSON representation
A simple demo of phishing by abusing the browser autofill feature
- Host: GitHub
- URL: https://github.com/anttiviljami/browser-autofill-phishing
- Owner: anttiviljami
- License: mit
- Created: 2017-01-05T17:49:09.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2021-06-05T14:12:23.000Z (over 3 years ago)
- Last Synced: 2024-11-30T12:05:33.028Z (13 days ago)
- Language: JavaScript
- Homepage: https://anttiviljami.github.io/browser-autofill-phishing/
- Size: 374 KB
- Stars: 1,477
- Watchers: 55
- Forks: 118
- Open Issues: 4
-
Metadata Files:
- Readme: readme.md
- License: LICENSE.md
Awesome Lists containing this project
- awesome-hacking-lists - anttiviljami/browser-autofill-phishing - A simple demo of phishing by abusing the browser autofill feature (JavaScript)
README
# Browser Autofill Phishing 🐟
[![GitHub license](https://img.shields.io/badge/license-MIT-blue.svg)](https://raw.githubusercontent.com/anttiviljami/browser-autofill-phishing/master/LICENSE.md)
[![Awesome Humane Tech](https://raw.githubusercontent.com/humanetech-community/awesome-humane-tech/main/humane-tech-badge.svg?sanitize=true)](https://github.com/humanetech-community/awesome-humane-tech)This is a simple demonstration of form fields hidden from the user, but will be
filled anyways when using the browser form autofill feature, which poses a
security risk for users, unaware of giving their information to the website.## Google Chrome behaviour
Here's the demo in action on the Google Chrome Browser:
![Autofill Demo](autofill-demo.gif)
## Other browsers
It works differently in some other browsers. For example:
* In Safari, it will tell you all the data it is filling into the form, even
if it isn't visible to you.* In Firefox, you have to right click an input field and then select an
identity to use. So a Firefox user autofills each field.## Live demo
View the page at:
[https://anttiviljami.github.io/browser-autofill-phishing/](https://anttiviljami.github.io/browser-autofill-phishing/)## Contributing
Please feel free to submit pull requests to this repository for any additional
information you feel is important!## References
- ["Why you should not use autocomplete" on yoast.com](https://yoast.com/autocomplete-security/)