• Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Menu
  • Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Search
Close
  • Home
  • 2018
  • June
  • 21
  • Tracy – Web Application Penetration Testing Tool

Tracy – Web Application Penetration Testing Tool

June 21, 2018July 27, 2019 Comments Off on Tracy – Web Application Penetration Testing Tool
download tracy app tracy Tracy - Web Application Penetration Testing Tool tracy pentest tracy pentest tool tracy tutorial

Tracy is a pentesting tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

tracy should be used during the mapping-the-application phase of the pentest to identify sources of input and their corresponding outputs. tracy can use this data to intelligently find vulnerable instances of XSS, especially with web applications that use lots of JavaScript.

tracy is a browser extension and light-weight HTTP proxy that records all user input to a web application and monitors any time those inputs are output, for example in a DOM write, server response, or call to eval.

There are many different ways to trigger XSS, especially considering the large number of frontend frameworks that have been made popular in the last few years. For example, some of the less traditional ways of exploiting XSS can be through:

  • DOM clobbering
  • DOM injection
  • Frontend template injection
  • Backend template injection
  • Open redirects

These attack vectors are significantly different than traditional stored and reflected XSS cases and they require new tools for finding them effectively.

Many related tools only look for server response reflection, however this is not very helpful if all output encoding is performed by the frontend. In order to really gain knowledge about all the true sinks of the application, we need a tool that grants us “X-ray vision into the DOM”.

tracy was written with the goal of eliminating XSS by assisting a penetration tester in identifying every source of input into an application and following that input to all of its sinks. These cases are documented and stored as references that can be used to identify the locations of potentially risky input.

 

Sinks vs Sources

As tracy develops, these lists might grow to include other types of inputs and ouptuts. But for now, when we say sources, we are talking about:

  • Form fields
  • Query parameters
  • Post body parameters
  • Header values

and when we say sinks, we are talking about:

  • Server responses
  • DOM writes
  • Instances of eval
  • Instances of setTimeout
  • Instances of setInterval

 

How it works

While browsing a web application, a user flags particular input they would like to be traced. The extension marks this input with a reference and documents any time this reference is seen in a server response, written to the DOM, or used in one of the other dangerous method mentioned above.

The extension makes use of a light-weight proxy to monitor server responses and MutationObserver to monitor DOM writes. Additionally, the extension proxies a few functions that are considered dangerous and checks to see if these functions are executing arguments that contain one of the collected references.

 

What it is not

  • It is not a web application scanner or automated tool. It requires human interaction and guidance about what the sources of input are.
  • It is not an AI XSS finder.
  • It is not a static analyzer.

 

Web Application Penetration Testing Tool: Tracy wiki

Web Application Penetration Testing Tool: Tracy Download

Post navigation

SleuthQL – SQL Injection Discovery Tool
Gpredict – Satellite Tracking Application

Related Articles

Smogcloud - Find Cloud Assets That No One Wants Exposed

Smogcloud – Find Cloud Assets That No One Wants Exposed

- Hack Tools
March 26, 2021
Gitrecon - OSINT Tool To Get Information From A Github Profile And Find GitHub User'S Email Addresses Leaked On Commits

Gitrecon – OSINT Tool To Get Information From A Github Profile And Find GitHub User’S Email Addresses Leaked On Commits

- Hack Tools
March 25, 2021
mediator

mediator: end-to-end encrypted, extensible reverse shell

- Hack Tools
March 25, 2021
hacker gadgets
hacker phone covers

Recent Posts

CVE-2021-22893

CVE-2021-22893: Pulse Connect Secure RCE Vulnerability Alert

April 21, 2021
German Man Allegedly Bought Drugs on the Darkweb

German Man Allegedly Bought Drugs on the Darkweb

April 20, 2021
Microsoft fixes Windows NTFS Denial of Service Vulnerability (CVE-2021-28312)

Microsoft fixes Windows NTFS Denial of Service Vulnerability (CVE-2021-28312)

April 20, 2021
Dealer Sentenced for Selling Meth Purchased on the Darkweb

Dealer Sentenced for Selling Meth Purchased on the Darkweb

April 18, 2021
new encryption technologies splintering

FBI spent $900,000 to obtain the password and unlock iOS devices

April 15, 2021
Microsoft Exchange Server Remote Code Execution Vulnerability Alert

Microsoft Exchange Server Remote Code Execution Vulnerability Alert

April 15, 2021

Social Media Hacking

SocialPath – Track users across Social Media Platforms

SocialPath – Track users across Social Media Platforms

- Social Media Hacking
October 16, 2019October 16, 2019

SocialPath is a django application for gathering social media intelligence on specific username. It checks for Twitter, Instagram, Facebook, Reddit...

SocialScan – Check Email Address and Username Availability on Online Platforms

SocialScan – Check Email Address and Username Availability on Online Platforms

June 17, 2019
Shellphish – Phishing Tool For 18 Social Media Apps

Shellphish – Phishing Tool For 18 Social Media Apps

June 10, 2019July 27, 2019
WhatsApp Hacking using QRLJacking

WhatsApp Hacking using QRLJacking

May 2, 2019May 19, 2019
How to Hack any Facebook Account with Z-Shadow

How to Hack any Facebook Account with Z-Shadow

April 26, 2019June 29, 2020
hacker buffs
ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Menu
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Live Chat
RESOURCES
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Menu
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Get Started
TOOLBOX
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Menu
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook
Twitter
Google-plus
Wordpress
Please wait...

Join Our Community

Subscribe now and get your free HACKERS HANDBOOK

Don't Worry ! You will not be spammed
SIGN UP FOR NEWSLETTER NOW