id: tabnabbing-check
info:
name: Reverse Tabnabbing
author: bolli95
severity: info
tags: misc
reference: |
- https://owasp.org/www-community/attacks/Reverse_Tabnabbing
- https://www.youtube.com/watch?v=TMKZCHYmtD4
- https://hackerone.com/reports/211065
requests:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: dsl
dsl:
- 'regex("", replace_regex(replace_regex(body, "", ""), "", "")) || regex("window\.open\\([^,]+\\)", body)'
- type: dsl
dsl:
- "!contains(tolower(all_headers), 'referrer-policy: no-referrer')"