Quickjack – Advanced Clickjacking & Frame Slicing Attack Tool

The New Acunetix V12 Engine


Quickjack is an intuitive, point-and-click tool for performing advanced and covert clickjacking and frame slicing attacks. It also allows you to easily perform clickjacking, or steal “clicks” from users on many websites, forcing the user to unknowingly click buttons or links (for example the Facebook Like button) using their own cookies.

Quickjack - Advanced Clickjacking & Frame Slicing Attack Tool


Quickjack By placing the auto-generated code on any site, you can obtain thousands of clicks quickly from different users, or perform targeted attacks by luring a victim to a specific URL. It also allows you to deceive a user into believing you have information on them that you don’t, as well as coerce a user into providing information to you without even knowing it.

Using Quickjack for Clickjacking & Frame Slicing

Quickjack supports not only easy point-and-click generation of code, but also the underlying iframe follows the user’s mouse movement around the page wherever they go, hides the clickjacking frame, and even performs a method of determining when you’ve obtained the user’s click in order to then remove clickjacking from the page so the user can actually perform the click they meant to execute.

The tool also includes a frame slicing tool which allows you to capture a small section of a page to display to them, coercing them to believe you have such information on them. An example would be to slice a section of a website which normally contains the user’s name, then place that frame slice on your own site, making it appear that you know their name.

You can even use frame slicing to obtain information from the user, such as slicing different characters of the user’s name on a site, rearranging them and adding other letters and numbers, turning it into a captcha, and when the user enters the captcha, they’re just entering an anagram of their name (and other characters which you remove) and can determine their name!


In this project, we’ll learn how Quickjack performs these methods and how clickjacking and frame slicing work, as well as some of the more advanced techniques presented in the Quickjack tool which allow more potent clickjacking to occur, as well as see real demonstrations on sites such as Facebook.

There is also this to check out:

Jack – Drag & Drop Clickjacking Tool For PoCs

You can download Quickjack here:

quickjack-master.zip

Or read more here and use the tool directly here.

Posted in: Hacking Tools

, ,


Latest Posts:


Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.


One Response to Quickjack – Advanced Clickjacking & Frame Slicing Attack Tool

  1. George March 6, 2018 at 8:35 am #

    not sure on how to use the app and how to download it but i need it please help