DOM based XSS finder
A Chrome extension for finding DOM based XSS vulnerabilities
Τι είναι το DOM based XSS finder;
Το DOM based XSS finder είναι ένα πρόσθετο Chrome που αναπτύχθηκε από τον askn, και η κύρια λειτουργία του είναι "A Chrome extension for finding DOM based XSS vulnerabilities".
Στιγμιότυπα Επέκτασης
Λήψη αρχείου CRX της επέκτασης DOM based XSS finder
Λήψη αρχείων επέκτασης DOM based XSS finder σε μορφή crx, εγκατάσταση των επεκτάσεων Chrome μη αυτόματα στον περιηγητή ή κοινοποίηση των αρχείων crx με φίλους για εύκολη εγκατάσταση των επεκτάσεων Chrome.
Οδηγίες Χρήσης της Επέκτασης
"DOM based XSS finder" is a Chrome extension that finds DOM based XSS vulnerabilities.
Finding DOM based XSS can be bothersome. This extension can be helpful. This extension has the following features:
- Notify if a user-input such as "location.href" leads to a dangerous function such as "eval".
- Fuzzing for user-inputs such as query, hash and referrer.
- Generate a PoC that generates a alert prompt.
This extension is actively developed. More features will be added in later versions.
**This tool is a dynamic JavaScript tracer, not a static JavaScript scanner. So you must execute JavaScript by manual crawling with this extension starting.**
Usage
1. Click the icon and hit "Start".
2. Browse pages that you want to scan.
3. If the extension finds a possible vulnerability of DOM based XSS, the extension shows a entry for that url.
4. Click "Detail" in the entry. A popup window show a source and a sink of the possible vulnerability.
5. Click "Check and Generate PoC" in the popup window. You can fuzzing the url. Βασικές Πληροφορίες Επέκτασης
| Όνομα |  DOM based XSS finder |
| ID | ngmdldjheklkdchgkgnjoaabgejcnnoi |
| Επίσημο URL | https://chrome.google.com/webstore/detail/dom-based-xss-finder/ngmdldjheklkdchgkgnjoaabgejcnnoi |
| Περιγραφή | A Chrome extension for finding DOM based XSS vulnerabilities |
| Μέγεθος Αρχείου | 2.46 MB |
| Αριθμός Εγκαταστάσεων | 2,000 |
| Τρέχουσα Έκδοση | 1.0.0 |
| Τελευταία Ενημέρωση | 2021-11-19 |
| Ημερομηνία Δημοσίευσης | 2020-02-05 |
| Αξιολόγηση | 2.50/5 Συνολικά 2 Αξιολογήσεις |
| Προγραμματιστής | askn |
| Ηλεκτρονικό ταχυδρομείο | [email protected] |
| Τύπος Πληρωμής | free |
| Ιστότοπος Επέκτασης | https://github.com/AsaiKen/dom-based-xss-finder |
| Υποστηριζόμενες Γλώσσες | en |
| manifest.json | |
{
"update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
"name": "DOM based XSS finder",
"version": "1.0.0",
"manifest_version": 2,
"description": "A Chrome extension for finding DOM based XSS vulnerabilities",
"permissions": [
"storage",
"webNavigation",
"tabs",
"*:\/\/*\/",
"debugger",
"unlimitedStorage"
],
"icons": {
"16": "images\/app_icon_16.png",
"128": "images\/app_icon_128.png"
},
"content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'",
"browser_action": {
"default_icon": "images\/icon-black.png",
"default_title": "DOM based XSS finder",
"default_popup": "popup.html"
},
"background": {
"scripts": [
"background.js"
],
"persistent": true
},
"options_ui": {
"page": "options.html",
"open_in_tab": true
}
} | |
