Pown CDB is a Chrome Debug Protocol utility. The primary aim of the device is to automate widespread duties to assist debug net purposes from the command-line and actively monitor and intercept HTTP requests and responses. That is notably helpful throughout penetration checks and different forms of safety assessments and investigations.
Credit
This device is a part of secapps.com open-source initiative.
___ ___ ___ _ ___ ___ ___
/ __| __/ __| /_ | _ _ / __|
__ _| (__ / _ | _/ _/__
|___/______/_/ __| |_| |___/
https://secapps.com
Authors
Quickstart
This device is supposed for use as a part of Pown.js however it may be invoked individually as an impartial device.
Set up Pown first as typical:
Invoke immediately from Pown:
Library Use
Set up this module domestically from the basis of your mission:
$ npm set up @pown/cdb --save
As soon as accomplished, invoke pown cli:
$ POWN_ROOT=. ./node_modules/.bin/pown-cli cdb
It’s also possible to use the worldwide pown to invoke the device domestically:
Utilization
WARNING: This pown command is at present below improvement and in consequence will likely be topic to breaking modifications.
pown cdb <command>Chrome Debug Protocol Software
Instructions:
pown cdb launch Launch server software similar to chrome, firefox, opera and edge [aliases: start]
pown cdb navigate <url> Go to the required url [aliases: goto, go]
pown cdb community Chrome Debug Protocol Community Monitor [aliases: net, sniff, proxy, mon, monitor]
pown cdb cookies Dump present web page cookies [aliases: cookie]
pown cdb screenshot <file> Screenshot the present web page [aliases: capture, shoot, shot]
Choices:
--version Present model quantity [boolean]
--help Present assist [boolean]
pown cdb launch
pown cdb launchLaunch server software similar to chrome, firefox, opera and edge
Choices:
--version Present model quantity [boolean]
--help Present assist [boolean]
--port, -p Distant debugging port [number] [default: 9222]
--xss-auditor, -x Activate/off XSS auditor [boolean] [default: true]
--certificate-errors, -c Activate/off certificates errors [boolean] [default: true]
--pentest, -t Begin with prefered settings for pentesting [boolean] [default: false]
pown cdb navigate
pown cdb community
pown cdb cookies
pown cdb screenshot
Net Software Safety Evaluation
Let’s discover find out how to use Pown CDB throughout a typical net app safety engagments.
First, guarantee that you’ve got the most recent pown put in:
If in case you have pown put in, be sure to have the most recent model:
To get began with Pown CDB we want a Chrome browser occasion (different browsers are additionally supported) with chrome debug distant interface enabled and listening on localhost:
$ pown cdb launch --port 9333
As soon as the chrome browser occasion is working, hook it with pown cdb community utility:
$ pown cdb community --port 9333 -b
The -b
flag is used to start out Pown CDB with a curses-based consumer interface:
Use key-combo shift + ?
to get an inventory of accessible shortcuts:
As quickly as you begin utilizing the browser, Pown CDB will report and show the site visitors within the consumer interface. To intercept requests use key-combo ctrl + t
.
Requests are captured and opened in your default shell editor ($EDITOR
). Make the specified modifications, save and give up. The unique request will likely be changed together with your modifications.