SquareX, the leading browser security company, is releasing two open-source toolkits at DEF CON 33 Demo Labs, enabling security teams to simulate and defend against modern browser attacks that bypass traditional enterprise defenses.
Enterprise security solutions are struggling to keep pace with modern attack techniques that operate entirely within web browsers. While organizations have invested heavily in endpoint detection and network security, these traditional defenses have limited visibility into browser-based threats-particularly identity attacks and data exfiltration that occur within authenticated sessions.
This security gap affects both offensive and defensive security practices. Red teams lack tools to properly simulate browser-based attacks, while blue teams struggle to detect and respond to threats their monitoring systems can't see. Most security frameworks focus on network infiltration and endpoint compromise, largely overlooking the browser as an attack vector. Yet browsers have become the primary interface for accessing corporate resources, processing sensitive data, and managing user identities.
This August, SquareX is releasing two new open source toolkits that directly address this testing and detection deficit. Developed by SquareX security researchers, these tools enable security teams to simulate browser-based attacks across two critical vectors: data exfiltration that bypasses DLP systems and identity attacks executed through browser extensions. More importantly, they provide blue teams with concrete examples of what to monitor and defend against.
Angry Magpie: Simulating Data Exfiltration Attacks via Data Splicing Techniques
Built by SquareX security researchers Jeswin Mathai, Pankaj Sharma and Xian Xiang Chang, Angry Magpie exploits architectural limitations in DLP systems. The framework implements four exfiltration methods-data sharding, ciphering, transcoding, and smuggling-which can be executed through common browser operations like clipboard paste, file uploads, downloads, and printing. These techniques help red and blue teams simulate bypasses for proxy-based and endpoint DLP solutions. The toolkit reveals how insider threats execute data exfiltration campaigns within browser environments, helping teams recognize and counter these techniques.
Experience live demonstrations at DEF CON 33 Demo Labs:
— Friday, 8 August, 15:00 at LVCC – L2 – W208
— Saturday, 9 August, 09:00 at LVCC – L2 – W212
Copycat: Browser Extension-based Identity Attacks Simulator
While Angry Magpie addresses data exfiltration, Copycat focuses on identity and authentication attacks through browser extensions. Created by SquareX security researchers, Dakshitaa Babu, Tejeswar S Reddy, Pankaj Sharma and Albin Antony, this toolkit demonstrates how extensions with minimal permissions can compromise user identities and hijack authenticated sessions. These attacks can be carried out even via popular color picker extensions that have tabs and scripting permissions.
The toolkit includes 10 distinct attack modules that illustrate different aspects of browser-based identity compromise – such as silent account hijacking, credential theft, 2FA stealing and OAuth manipulation. These attacks reveal how easily authentication flows can be compromised at the browser level, a reality demonstrated by threat actors like Scattered Spider and Muddled Libra who use browser-based identity attacks as their primary enterprise entry point.
Witness these capabilities at DEF CON 33 Demo Labs:
— Friday, 8 August, 12:00 at LVCC – L2 – W208
— Saturday, 9 August, 11:00 at LVCC – L2 – W209
Pioneering Browser Security
Through thesetoolkits, SquareX extends its impact beyond pioneering the Browser Detection and Response solution to enabling the entire security industry-ensuring teams understand actively exploited attack techniques and can build appropriate defenses.
SquareX researchers will also be conducting other talks at DEF CON 33, listed below:
— DEF CON 33 – Mainstage Talk (L1 – EHW3 – Track 3) | Passkeys Pwned: Turning WebAuthn Against Itself | Shourya Pratap Singh, Jonathan Lin and Daniel Seetoh | Sunday, August 10 | 11:30am-12.15pm
— DEF CON 33 – RECON Village | Talk: Plug and Prey: Scanning and Scoring Browser Extensions | Shourya Pratap Singh and Nishant Sharma | Saturday, August 9 | 2:20pm-3:05pm
— DEF CON 33 – Cloud Village | Workshop: Serverless but Not Defenseless: A Security Deep Dive into Cloud Run | Nishant Sharma | Saturday, August 9 | 11.00am-1.00pm
About SquareX
SquareX's browser extension turns any browser on any device into an enterprise-grade secure browser. SquareX's industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively detect, mitigate, and threat-hunt client-side web attacks including malicious browser extensions, advanced spearphishing, browser-native ransomware, genAI DLP, and more.
Unlike legacy security approaches and cumbersome enterprise browsers, SquareX seamlessly integrates with users' existing consumer browsers, ensuring enhanced security without compromising user experience or productivity. By delivering unparalleled visibility and control directly within the browser, SquareX enables security leaders to reduce their attack surface, gain actionable intelligence, and strengthen their enterprise cybersecurity posture against the newest threat vector – the browser.
Find out more at www.sqrx.com
https://c212.net/c/img/favicon.png?sn=CN45734&sd=2025-08-07
View original content:https://www.prnewswire.com/news-releases/squarex-researchers-release-toolkits-to-empower-red-and-blue-teams-in-testing-browser-based-attack-vectors-302524037.html
SOURCE SquareX
https://rt.newswire.ca/rt.gif?NewsItemId=CN45734&Transmission_Id=202508070900PR_NEWS_USPR_____CN45734&DateId=20250807