https://github.com/cbaezp/web-form-sniffer
A Next.js project demonstrating how websites can extract autofilled personal data from your browser without requiring a form submission.
https://github.com/cbaezp/web-form-sniffer
autofill cybersecurity infosec
Last synced: 3 months ago
JSON representation
A Next.js project demonstrating how websites can extract autofilled personal data from your browser without requiring a form submission.
- Host: GitHub
- URL: https://github.com/cbaezp/web-form-sniffer
- Owner: cbaezp
- License: mit
- Created: 2024-12-18T04:56:09.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-11-30T06:05:40.000Z (7 months ago)
- Last Synced: 2025-12-02T10:55:01.645Z (7 months ago)
- Topics: autofill, cybersecurity, infosec
- Language: TypeScript
- Homepage: https://web-form-sniffer.vercel.app/
- Size: 6.07 MB
- Stars: 4
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Web Form Sniffer ๐จ
A demonstration of how websites can extract autofilled personal information from your browser without you explicitly submitting a form. This project aims to raise awareness of the privacy risks associated with using autocomplete fields on websites.
---
## โจ Features
- **Real-Time Autofill Detection:** Automatically detects and logs autofilled fields from the browser.
- **Formatted Data Display:** Displays all extracted personal information in a styled UI.
- **No Submit Required:** Demonstrates how data can be extracted without a user clicking the submit button, using a visible email field as an example for the demo, while other fields remain hidden but still auto-filled.
---
## ๐ Live Demo
๐ [Live Project Link](https://web-form-sniffer.vercel.app/)
---
## ๐ ๏ธ Getting Started
### Prerequisites
To run this project locally, ensure you have the following installed:
- [Node.js](https://nodejs.org/) (v15 recommended)
- [npm](https://www.npmjs.com/) or [yarn](https://yarnpkg.com/)
### Installation
1. **Clone the repository**:
```bash
git clone https://github.com/cbaezp/web-form-sniffer.git
cd web-form-sniffer
```
2. **Install dependencies**:
Using npm:
```bash
npm install
```
Or using yarn:
```bash
yarn install
```
3. **Start the development server**:
Using npm:
```bash
npm run dev
```
Or using yarn:
```bash
yarn dev
```
4. **Open the app in your browser**:
By default, the app runs at `http://localhost:3000`. Visit the URL in your browser to view the project.
---
## ๐งช Testing the Project
1. Open the app and navigate to the form page.
2. Use your browser's autocomplete functionality to populate the fields (email).
3. Check how data is extracted and displayed without pressing the submit button.
---
## โ ๏ธ Disclaimer
This project is for **educational purposes only**. It demonstrates potential risks of using autocomplete on the web. Do not use this code for malicious purposes. Always respect user privacy.
---
## ๐ License
This project is licensed under the [MIT License](LICENSE).
---
## ๐ก Acknowledgments
Inspired by the need to educate users about online privacy risks. Special thanks to the open-source community for tools and resources.
### Similar Projects That Inspired This
- [Autofill_Danger](https://github.com/0dayCTF/Autofill_Danger)
- [browser-autofill-phishing](https://github.com/anttiviljami/browser-autofill-phishing)