Hack Facebook Users Account through Tabnapping

Tabnapping (also written "tabnabbing") is a clever technique used for phishing and scamming.
With it, an attacker takes control of a victim's unattended browser tab and redirects it to a malicious URL, where a phishing page can be shown and scripts executed.


Suppose you are already logged in to your Facebook account and you see an interesting post with a web link. Clicking the link opens a new tab. While you read the linked page in the new tab, your previous tab silently changes to a fake Facebook login page. When you go back to the previous tab, it looks as if you need to log in to Facebook again. When you enter your credentials, they are sent to the attacker, and you still appear to be logged in to Facebook because you never actually logged out.

PoC Video Coming soon!

For more info visit this

Always check the URL in the address bar and ensure that it uses the secure protocol 'https'.
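On the site side, the previous tab can only be changed if the page opened in the new tab receives a `window.opener` handle to it, and `rel="noopener noreferrer"` on the link withholds that handle. The following is an added example, not code from the original post: a hypothetical `hardenLinks` helper that rewrites user-submitted post HTML so every link or form opening a new tab carries those `rel` values (the function names and sample markup are assumptions made for illustration).

```javascript
// Added example (not from the original post). Regex-based for brevity: assumes
// well-formed tags with no ">" inside attribute values.
const SAME_CONTEXT = new Set(["", "_self", "_parent", "_top"]);
const REL_RE = /\srel\s*=\s*(?:"[^"]*"|'[^']*'|[^\s>]+)/i;

// Read one attribute value (double-quoted, single-quoted or bare) from a tag.
function getAttr(tag, name) {
  const re = new RegExp(`\\s${name}\\s*=\\s*(?:"([^"]*)"|'([^']*)'|([^\\s>]+))`, "i");
  const m = re.exec(tag);
  return m ? (m[1] ?? m[2] ?? m[3]) : null;
}

// If the tag opens a new browsing context, make sure its rel attribute
// contains noopener and noreferrer; otherwise return it unchanged.
function withSafeRel(tag) {
  const target = getAttr(tag, "target");
  if (target === null || SAME_CONTEXT.has(target.toLowerCase())) return tag;
  const rel = getAttr(tag, "rel");
  const tokens = new Set((rel || "").toLowerCase().split(/\s+/).filter(Boolean));
  tokens.delete("opener"); // rel="opener" would explicitly hand over the opener
  tokens.add("noopener").add("noreferrer");
  const relAttr = ` rel="${[...tokens].join(" ")}"`;
  return rel !== null
    ? tag.replace(REL_RE, () => relAttr)
    : tag.replace(/^<\w+/, (name) => name + relAttr);
}

// Harden every <a>, <area> and <form> opening tag in an HTML fragment and
// report the original tags that had to be rewritten.
function hardenLinks(html) {
  const changed = [];
  const out = html.replace(/<(?:a|area|form)(?=[\s>])[^>]*>/gi, (tag) => {
    const fixed = withSafeRel(tag);
    if (fixed !== tag) changed.push(tag);
    return fixed;
  });
  return { html: out, changed };
}

// Constructed sample markup for a user-submitted post.
const sample = [
  '<a href="https://example.com/post" target="_blank">interesting post</a>',
  '<a href="/help" target="_self">help</a>',
  '<a href="https://example.org" target="_blank" rel="nofollow">more</a>',
].join("\n");
console.log(hardenLinks(sample));
```

The `changed` list doubles as an audit log of which submitted links would otherwise have opened a new tab without the protection.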

