OWASP Click Me Project

=Main=



{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 * valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

OWASP Click Me Project
The OWASP Click Me Project aimed at having a simple GUI which helps to create a test page for Clickjacking attacks.This is an attack which targets the clickable content on a website. Clickjacking attack occurs when a malicious site tricks a user into clicking on a hidden element that belong to another site which they have loaded in a hidden frame or iframe.OWASP Click Me tool will help you to test whether your site is vulnerable to this attack by creating a html page that will try to load your web site from a frame.

Sites can use frame breaking scripts and X-Frame-Options set with DENY or SAME ORIGIN values to avoid Clickjacking attacks,by ensuring that their content is not embedded into other sites.

Licensing
The OWASP Click Me Project is free to use. It is licensed under the Apache 2.0 License.


 * valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

The OWASP Click Me Project provides:


 * Proof of concept for Clickjacking vulnerability.

Project Leader

 * Arun Kumar


 * valign="top" style="padding-left:25px;width:200px;" |

Quick Download
Click Me

Classifications

 * }

= Contributors = The OWASP Click Me Project: The primary contributors to date have been:
 * Arun Kumar

Acknowledgement

 * Samantha Groves

Snapshot


Note : OWASP Click Me is a jar file ,so you will need JRE in your system to run the file.

= Get Involved = As of March 2014, the priorities are:
 * Creating the test html page.

Involvement in the development and promotion of the OWASP Click Me Project is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:


 * Create a GUI which will help to provide a Proof of Concept on how the attack could be exploited for a given web page.

=Project About=