Khoj Open Redirect Vulnerability in Login Page

Summary An attacker can use the next parameter on the login page to redirect a victim to a malicious page, while masking this using a legit-looking app.khoj.dev url. For example, https://app.khoj.dev/login?next=//example.com will redirect to the https://example.com page. Details The problem seems...

Facad1ng - The Ultimate URL Masking Tool - An Open-Source URL Masking Tool Designed To Help You Hide Phishing URLs And Make Them Look Legit Using Social Engineering Techniques

Facad1ng is an open-source URL masking tool designed to help you Hide Phishing URLs and make them look legit using social engineering techniques. Your phishing link: https://example.com/whatever Give any custom URL: gmail.com Phishing keyword: anything-u-want Output:...

Brave Software: Clickjacking or URL Masking

I am able to reproduce the bug in : Brave: 0.13.2 rev: 25b1199fb6154b089cbad37926483239495b9800 Muon: 2.0.19 libchromiumcontent: 54.0.2840.100 V8: 5.4.500.41 Node.js: 7.0.0 Update Channel: dev os.platform: win32 os.release: 6.1.7601 os.arch: x64 Steps to reproduce : 1. Open click.html 2. Then try...