DOM based XSS finder
A Chrome extension for finding DOM based XSS vulnerabilities
¿Qué es DOM based XSS finder?
DOM based XSS finder es una extensión de Chrome desarrollada por askn, y su función principal es "A Chrome extension for finding DOM based XSS vulnerabilities".
Capturas de Pantalla de la Extensión
Descargar Archivo CRX de la Extensión DOM based XSS finder
Descarga archivos de extensión DOM based XSS finder en formato crx, instala manualmente las extensiones de Chrome en el navegador o comparte los archivos crx con amigos para instalar fácilmente las extensiones de Chrome.
Instrucciones de Uso de la Extensión
"DOM based XSS finder" is a Chrome extension that finds DOM based XSS vulnerabilities.
Finding DOM based XSS can be bothersome. This extension can be helpful. This extension has the following features:
- Notify if a user-input such as "location.href" leads to a dangerous function such as "eval".
- Fuzzing for user-inputs such as query, hash and referrer.
- Generate a PoC that generates a alert prompt.
This extension is actively developed. More features will be added in later versions.
**This tool is a dynamic JavaScript tracer, not a static JavaScript scanner. So you must execute JavaScript by manual crawling with this extension starting.**
Usage
1. Click the icon and hit "Start".
2. Browse pages that you want to scan.
3. If the extension finds a possible vulnerability of DOM based XSS, the extension shows a entry for that url.
4. Click "Detail" in the entry. A popup window show a source and a sink of the possible vulnerability.
5. Click "Check and Generate PoC" in the popup window. You can fuzzing the url. Información Básica de la Extensión
| Nombre |  DOM based XSS finder |
| ID | ngmdldjheklkdchgkgnjoaabgejcnnoi |
| URL Oficial | https://chrome.google.com/webstore/detail/dom-based-xss-finder/ngmdldjheklkdchgkgnjoaabgejcnnoi |
| Descripción | A Chrome extension for finding DOM based XSS vulnerabilities |
| Tamaño del Archivo | 2.46 MB |
| Cantidad de Instalaciones | 2,000 |
| Versión Actual | 1.0.0 |
| Última Actualización | 2021-11-19 |
| Fecha de Publicación | 2020-02-05 |
| Calificación | 2.50/5 Total de 2 Calificaciones |
| Desarrollador | askn |
| Correo electrónico | [email protected] |
| Tipo de Pago | free |
| Sitio Web de la Extensión | https://github.com/AsaiKen/dom-based-xss-finder |
| Idiomas Soportados | en |
| manifest.json | |
{
"update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
"name": "DOM based XSS finder",
"version": "1.0.0",
"manifest_version": 2,
"description": "A Chrome extension for finding DOM based XSS vulnerabilities",
"permissions": [
"storage",
"webNavigation",
"tabs",
"*:\/\/*\/",
"debugger",
"unlimitedStorage"
],
"icons": {
"16": "images\/app_icon_16.png",
"128": "images\/app_icon_128.png"
},
"content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'",
"browser_action": {
"default_icon": "images\/icon-black.png",
"default_title": "DOM based XSS finder",
"default_popup": "popup.html"
},
"background": {
"scripts": [
"background.js"
],
"persistent": true
},
"options_ui": {
"page": "options.html",
"open_in_tab": true
}
} | |
