• Stars
    star
    181
  • Rank 212,110 (Top 5 %)
  • Language
    JavaScript
  • Created over 6 years ago
  • Updated over 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Check if your VPN leaks your IP address via the WebRTC technology

WebRTC-Leak

Check if your VPN leaks your IP address via the WebRTC technology.

23% of tested VPNs leaks users' IPs

WebRTC

Browsers have implemented WebRTC that allow requests to STUN servers be made that will return the local and public IP addresses for the user. These request results are available to javascript, so you can now obtain a users local and public IP addresses in javascript. This demo: https://ip.voidsec.com/ is an example implementation of that.

Additionally, these STUN requests are made outside of the normal XMLHttpRequest procedure, so they are not visible in the developer console and cannot be blocked by plugins such as AdBlockPlus or Ghostery. This makes these types of requests available for online tracking, de-anonymize and trace users behind common privacy protection services such as: VPN, SOCKS Proxy, HTTP Proxy and (in the past) TOR users.

Read my research on: https://voidsec.com/vpn-leak

More Repositories

1

CVE-2020-1472

Exploit Code for CVE-2020-1472 aka Zerologon
Python
370
star
2

DriverBuddyReloaded

Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
Python
305
star
3

Exploit-Development

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Python
210
star
4

Combination-of-many-breaches

TOP 40 - 1.4 Billion Clear Text Credentials
24
star
5

shopping-cart

Shopping Cart is a free, open source web application provided to allow security enthusiest to pen-test and hack a web application. Can be installed on Linux, Windows XP, and Windows 7 using XAMMP making it easy for users who do not want to install or administrate their own webserver. Contains dozens of vulnerabilities; providing an easy-to-use web hacking environment deliberately designed to be used as a hack-lab for security enthusiast, classroom labs, and vulnerability assessment tool targets. Shopping Cart has been tested/attacked with Acunetix, Kali Linux, W3AF, SQLMAP, Samurai WTF, Backtrack, Burp-Suite, NetSparker, and other tools. If you would like to practice pen-testing/hacking a web application by exploiting cross-site scripting, sql injection, response-splitting, html injection, javascript injection, clickjacking, cross frame scripting, forms-caching, authentication bypass, or many other vulnerabilities, then Shopping Cart is for you.
CSS
19
star
6

SolarPuttyDecrypt

A post-exploitation tool to decrypt SolarPutty's sessions files
C#
15
star
7

CVE-2020-1337

CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch
14
star
8

VulnerableWindowsDrivers

A collection of Vulnerable Windows Drivers
PowerShell
14
star
9

CVE-2019-5624

A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE)
14
star
10

ida-helpers

Collection of IDA helpers
Python
13
star
11

SLAE

SecurityTube Linux Assembly Expert x86 Exam
Assembly
11
star
12

Tivoli-Madness

Advisory for CVE-2020-28054 & stack based buffer overflow in IBM Tivoli Storage Manager
Python
7
star
13

Joomla_CVE-2015-8562

A proof of concept for Joomla's CVE-2015-8562 vulnerability (Object Injection RCE)
Python
7
star
14

mona-ropshell

For all loaded modules (DLLs), fetch ROP gadgets querying Ropshell DB
Python
5
star
15

VirIT-Explorer-LPE-Arbitrary-Code-Execution

VirIT Explorer v.8.1.68 Local Privilege Escalation (System)/Arbitrary Code Execution
C
3
star
16

voidsec

About VoidSec
2
star
17

TrueCrypt

v.7.1a Based on: https://www.grc.com/misc/truecrypt/truecrypt.htm
2
star
18

dji_phantom3_helper

Various scripts and stuff in order to better analyze the DJI Phantom 3 Protocol
Python
1
star
19

CommandLine

1
star
20

InsightVM-PHP-API

Quick and dirty PHP scripts to interact with InsightVM (Rapid 7)
PHP
1
star
21

USB-Web-Server

USB Web Server 8.6 Mirror
1
star
22

RagnarokConfigDecrypt

Ragnarok Configuration Decrypt
C++
1
star
23

derive

Recursive Batch File Downloader for PHP Path Traversal
Python
1
star