Security company NCC Group have released an open source tool for penetration testing named Singularity, the tool allows security researchers to test for rebinding attacks. A DNS Rebinding attack allows a website to create a fake DNS name and force visitors to run a client-side script that attacks other hosts on the network.
This technique can be used to target a vulnerable machine and exploit vulnerabilities in the application running on the localhost interface to expose local services. The attacker just needs to coerce their victim into browsing a malicious page.
