Singularity of Origin DNS Rebinding Attack

This attack typically takes ~1 min to work. This duration can be reduced to ~3s with the appropriate options. Check the documentation. Try the new, experimental HTTP port scanner. Test the automatic identification of vulnerable services on your network upon visiting this page.
Attack server listening on: unknown. The attack and target hosts must be listening on the same port. The "Request New Port" button is only available when the server is started with the "-dangerouslyAllowDynamicHTTPServers" command line argument.
Specify a port on which the attack host does not listen to permit browser fast DNS cache eviction. If not possible, use a reachable port serviced by a web server.
Read the docs if changing from the default value to ensure that the attack will succeed.
Fetch API works with most browsers, but is blocked by Chrome by most (but not all) target configurations. Inline Frame should work with most browsers, unless the target application does not allow rendering in an iframe.
How long to wait between attempts in seconds.
Attempt flushing the browser DNS cache. Successfully tested on Chrome.
The attack uses this string to recognize whether it is accessing the attacker or target host. it must be placed in the index page of the attacker web server.
TCP port on which Singularity listens to handle websockets and proxy operations.
Please wait for DNS cache entries to expire.