Sniffly2

Sniffly2 is a variant of Sniffly which abuses HTTP Strict Transport Security headers and the Performance Timing API in order to sniff your browsing history in Chromium-based browsers.

Demo

Visit http://diracdeltas.github.io/sniffly in Chrome/Chromium/Brave/etc. with HTTPS Everywhere disabled.

Caveats:

does not work on mobile or Firefox
does not work over HTTPS due to mixed content blocking.
adblockers may taint results

Acknowledgements

crbug436451, reported by imfaster...@gmail.com, for the idea of probing port 443 over HTTP
Scott Helme for providing an initial list of HSTS hosts

Name		Name	Last commit message	Last commit date
Latest commit History 70 Commits
util		util
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
blacklist.js		blacklist.js
hosts.js		hosts.js
index.html		index.html
index.js		index.js

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

util

util

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

blacklist.js

blacklist.js

hosts.js

hosts.js

index.html

index.html

index.js

index.js

Repository files navigation

Sniffly2

Demo

Acknowledgements

About

Releases

Packages

Contributors 3

Languages

License

diracdeltas/sniffly

Folders and files

Latest commit

History

Repository files navigation

Sniffly2

Demo

Acknowledgements

About

Resources

License

Stars

Watchers

Forks

Languages