The script you have is a Clickjacking Proof of Concept (PoC) tool that allows you to test websites for clickjacking vulnerability.
1
+
# Clickjacking Proof of Concept (PoC)
2
+
3
+
This repository contains a simple Clickjacking Proof of Concept (PoC) tool designed to demonstrate how websites can be vulnerable to Clickjacking attacks.
4
+
5
+
## How to Use
6
+
### 1. Visit https://sudosura.github.io/clickjacking-poc.html, and you open the page, you’ll be prompted to enter the URL of the website you want to test for clickjacking vulnerabilities.
7
+
### 2. Enter the domain or URL and boom!
8
+
9
+
## What is Clickjacking?
10
+
11
+
Clickjacking is a malicious technique where an attacker tricks a user into clicking on something different from what the user perceives, potentially leading to actions such as changing settings or making unintended purchases. This tool helps test if a website is vulnerable to Clickjacking.
12
+
13
+
The PoC works by embedding a target URL inside an iframe and checking if the website loads without frame busting protections, such as the `X-Frame-Options` or `Content-Security-Policy` headers.
14
+
15
+
## Features
16
+
- Test any website for Clickjacking vulnerabilities.
17
+
- Provides mitigation and remediation steps for securing against Clickjacking.
18
+
- Displays the status of the website (vulnerable or protected).
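Review bot: The sentence on line 13 names the `Content-Security-Policy` header as a whole, but only its `frame-ancestors` directive controls framing, so a site can send a CSP and still be frameable. Suggest wording such as "the `X-Frame-Options` header or the `frame-ancestors` directive of `Content-Security-Policy`". The same sentence calls these headers "frame busting protections", a term usually reserved for script-based defences, so "framing protections" would be more accurate. In How to Use (lines 6 and 8) the two steps are written as `###` headings and step 1 is missing a word ("and you open the page"). A numbered list starting "When you open the page, you'll be prompted to enter the URL" would read and render better. The Features list on line 17 promises mitigation and remediation steps, but the README does not say what they are or where they appear; one line naming the recommended headers would document that.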