This will demonstrate how to create a fully spoofed browser using the building blocks that XUL provides for a user interface in Mozilla based products. This demo will create a fake window that appears to be a legit firefox window on top of everything else. This window will keylog every url and google search bar entry that you perform. This is a stripped back demo of what is possible via XUL browser overlays and intentionally does not log clicked links, or form field data for sites visited (there is no good in releasing this, and due to the nature of how this works would require me providing an open relay proxy which i'm not about to do). This only works in firefox2 and has only been tested on windows xp systems. To protect yourself from these sorts of attacks block popups and disable javascript.