To summarize the steps used, # A set of command line flags that we want to set by default. # Disable Chromium security features for web app testingĮxport CHROMIUM_FLAGS="$CHROMIUM_FLAGS -disable-web-security" To use chromium for Web Application Penetration Testing you need to disable all the security features, allowing for DOM based XSS testing in chromium. It user-data-dir and sandboxing, disabling sandboxing will have some obvious security issues but this browser is for web application penetration testing only. You can fix this by opening /etc/chromium.d/default-flags in vim and adding the following lines: # Run as root KaliĮxport CHROMIUM_FLAGS="$CHROMIUM_FLAGS -password-store=detect -no-sandbox -user-data-dir"
Chromium exists within the Kali repositories and can be installed using: apt-get install chromiumīy default chromium won’t launch on Kali Linux, this is due to chromium running as the root user.
0 kommentar(er)
