Sniffly2 - Sniffing Browser History Using HSTS
Sniffly2 is a variant of Sniffly which abuses HTTP Strict Transport Security headers and the Performance Timing API in order to sniff your browsing history in Chromium-based browsers.
Demo
Visit http://diracdeltas.github.io/sniffly in Chrome/Chromium/Brave/etc. with HTTPS Everywhere disabled.
Caveats:
- does not work on mobile or Firefox
- does not work over HTTPS due to mixed content blocking.
- adblockers may taint results
Source: www.effecthacking.com
Sniffly2 - Sniffing Browser History Using HSTS
Reviewed by Anonymous
on
1:53 AM
Rating:
Reviewed by Anonymous
on
1:53 AM
Rating:
