Skip to content

diracdeltas/sniffly

gh-pages
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
4 branches 3 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
util
 
 
.gitignore
 
 
LICENSE
 
 
README.md
 
 
blacklist.js
 
 
hosts.js
 
 
index.html
 
 
index.js
 
 
Sniffly2 Demo Acknowledgements

README.md

Sniffly2

Sniffly2 is a variant of Sniffly which abuses HTTP Strict Transport Security headers and the Performance Timing API in order to sniff your browsing history in Chromium-based browsers.

Demo

Visit http://diracdeltas.github.io/sniffly in Chrome/Chromium/Brave/etc. with HTTPS Everywhere disabled.

Caveats:

  • does not work on mobile or Firefox
  • does not work over HTTPS due to mixed content blocking.
  • adblockers may taint results

Acknowledgements

  • crbug436451, reported by imfaster...@gmail.com, for the idea of probing port 443 over HTTP
  • Scott Helme for providing an initial list of HSTS hosts

About

Sniffing browser history using HSTS

Resources

Readme

License

MIT license

Stars

938 stars

Watchers

58 watching

Forks

120 forks

Releases

3 tags

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages