CDB is a Chrome Debug Protocol utility. The main goal of the tool is to automate common tasks to help debug web applications from the command-line and actively monitor and intercept HTTP requests and responses. This is particularly useful during penetration tests and other types of security assessments and investigations.
This tool is meant to be used as part of Pown.js but it can be invoked separately as an independent tool.
Install Pown first as usual:
$ npm install -g pown@latest
Invoke directly from Pown:
$ pown cdb
Install this module locally from the root of your project:
$ npm install @pown/cdb –save
Once done, invoke pown cli:
$ POWN_ROOT=. ./node_modules/.bin/pown-cli cdb
pown cdb
Chrome Debug Protocol Tool
Commands:
pown cdb launch Launch server application such as chrome, firefox, opera and edge [aliases: start]
pown cdb navigate Go to the specified url [aliases: goto, go]
pown cdb network Chrome Debug Protocol Network Monitor [aliases: net, sniff, proxy, mon, monitor]
pown cdb cookies Dump current page cookies [aliases: cookie]
pown cdb screenshot Screenshot the current page [aliases: capture, shoot, shot]
Options:
–version Show version number [boolean]
–help Show help [boolean]
pown cdb navigate
pown cdb navigate
Go to the specified url
Options:
–version Show version number [boolean]
–help Show help [boolean]
–host, -H Remote debugging host [string] [default: “localhost”]
–port, -p Remote debugging port [number] [default: 9222]
–secure, -s HTTPS/WSS frontend [boolean] [default: false]
pown cdb network
pown cdb network
Chrome Debug Protocol Network Monitor
Options:
–version Show version number [boolean]
–help Show help [boolean]
–host, -H Remote debugging host [string] [default: “localhost”]
–port, -p Remote debugging port [number] [default: 9222]
–secure, -s HTTPS/WSS frontend [boolean] [default: false]
–output, -o Output directory/file [array] [default: []]
–blessed, -b Start with blessed ui [boolean] [default: false]
A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust Getting…
一句话介绍工具: AutorizePro 是一款创新性的内置AI分析模块的专注于越权检测的 Burp 插件 (已有多个白帽反馈用工具嘎嘎挖到src洞, 每周末更新, 欢迎Star🌟以便持续跟踪项目最新版本功能) 工具背景 越权漏洞在黑盒测试、SRC挖掘中几乎是必测的一项,但手工逐个测试越权漏洞往往会耗费大量时间。 而自动化工具又因为接口的多样化,难以制定一个全面的检测逻辑而存在大量误报, 基于此产生了 AI辅助分析的检测工具 ➡️ AutorizePro…
Sharp RDP Hijack is a proof-of-concept .NET/C# Remote Desktop Protocol (RDP) session hijack utility. RDP…
Executing .NET Files from an Unmanaged Process with Manual CLR Loading. Manually loading the CLR…
Dive into the dark intricacies of BlackPill, a sophisticated Linux rootkit engineered in Rust that…
The Modern, Blazing Fast Port Scanner. Find ports quickly (3 seconds at its fastest). Run…