Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/kiranreddyrebel/PostMessage_Fuzz_Tool

#BugBounty #BugBounty Tools #WebDeveloper Tool
https://github.com/kiranreddyrebel/PostMessage_Fuzz_Tool

Last synced: about 1 month ago
JSON representation

#BugBounty #BugBounty Tools #WebDeveloper Tool

Awesome Lists containing this project

README

        

# PostMessage_Fuzz_Tool Chrome app & Extension

## Installation ##

1. Install Tampermonkey
2. Install the TampermonkeyScript "postmessage-hook.js"

"Enable Developer Mode" by click toggle button in right side.

3. Then open chrome://extensions and drag "PostMessageMainTool.crx" to the screen and click add.
4. Then click "Load unpacked" button and select the folder "PostMessage_ui_extension-kiran" it will add the PostmessageUI extension on screen.

# How to get started.

1. Click on TamperMonkey icon and click on PostMessage script toggle button ( to enable it).
2. Goto chrome://apps and click on PostMessage Tool icon and click start button and minimize it.
3. The click on "postmesage ui" i.e "P" icon on your chrome toolbar which is our ui tool for postmessage. > click "logger"

It will open the logger tool popup. Now we are ready !!! to start capture the Message Handlers and Fuzz.

Simply Refresh the Browser tab "www.youtube.com", after loaded fully, click on "Dump Handlers" to dump the messages.

Once loaded all handlers, we can check them by clicking on "replay" button.
#
#
#
#
#
#Using : https://youtu.be/2CLWyj9uFEg

###Credits to Appcheck ng for POC tool.