seabreg / httppwnly Goto Github PK
View Code? Open in Web Editor NEWThis project forked from danladi/httppwnly
"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS