Skip to content

kiranreddyrebel/PostMessage_Fuzz_Tool

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits

PostMessageMainTool.crx

PostMessageMainTool.crx

 
 

PostMessageMainTool.pem

PostMessageMainTool.pem

 
 

PostMessage_ui_extension-kiran.zip

PostMessage_ui_extension-kiran.zip

 
 

README.md

README.md

 
 

postmessage-hook.js

postmessage-hook.js

 
 

Repository files navigation

PostMessage_Fuzz_Tool Chrome app & Extension

Installation

  1. Install Tampermonkey
  2. Install the TampermonkeyScript "postmessage-hook.js"

"Enable Developer Mode" by click toggle button in right side.

  1. Then open chrome://extensions and drag "PostMessageMainTool.crx" to the screen and click add.
  2. Then click "Load unpacked" button and select the folder "PostMessage_ui_extension-kiran" it will add the PostmessageUI extension on screen.

How to get started.

  1. Click on TamperMonkey icon and click on PostMessage script toggle button ( to enable it).
  2. Goto chrome://apps and click on PostMessage Tool icon and click start button and minimize it.
  3. The click on "postmesage ui" i.e "P" icon on your chrome toolbar which is our ui tool for postmessage. > click "logger"

It will open the logger tool popup. Now we are ready !!! to start capture the Message Handlers and Fuzz.

Simply Refresh the Browser tab "www.youtube.com", after loaded fully, click on "Dump Handlers" to dump the messages.

Once loaded all handlers, we can check them by clicking on "replay" button.

#Using : https://youtu.be/2CLWyj9uFEg

###Credits to Appcheck ng for POC tool.

About

#BugBounty #BugBounty Tools #WebDeveloper Tool

Resources

Readme
Activity

Stars

34 stars

Watchers

2 watching

Forks

10 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages