Giters

timothymathison / malicious-web-site

Security risks of browser Javascript APIs

Home Page:https://timothymathison.github.io/malicious-web-site/index.html

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

securitywebsitewebappwebapispeech-recognition

Malicious Web Site Demo

Usage

# install the dependencies
$ npm install
# run the server on localhost:3000
$ node server.js

Alternatively navigate to:

https://timothymathison.github.io/malicious-web-site/index.html

Intent/Description

This web site is intended for demonstration purposes ONLY! The purpose of this project is to demonstrate how a browser API like the Web Speech API can be used maliciously by an unsuspecting user. In the current case, the site pretends to be a simple alarm clock web app. However, the small clock window that opens is capable of logging every word the user says for an indefinite period of time.

Browser Support

The Web Speech API is currently only fully implemented in Chrome.

About

Security risks of browser Javascript APIs

https://timothymathison.github.io/malicious-web-site/index.html

securitywebsitewebappwebapispeech-recognition

License:MIT License

Languages

Language:JavaScript 70.9%Language:HTML 17.1%Language:CSS 11.9%