Security

Using the Fullscreen API for password phishing

security
A year ago I had a try on social engineering and phishing techniques. Now I finally found the time to rework my code and to put it on GitHub: https://github.com/jaylinski/osprey The first – and only – module is using the Fullscreen API to spoof the address bar and make the user believe he’s on Facebook. I researched on other fullscreen phishing attacks and found a similar approch: http://feross.org/html5-fullscreen-api-attack/ The advantages of my version are: Read more...

1 of 1