DOM based XSS finder
A Chrome extension for finding DOM based XSS vulnerabilities
Wat is DOM based XSS finder?
DOM based XSS finder is een Chrome-extensie ontwikkeld door askn, en de belangrijkste functie is "A Chrome extension for finding DOM based XSS vulnerabilities".
Extensie Screenshots
Download het CRX-bestand van de extensie DOM based XSS finder
Download DOM based XSS finder-extensiebestanden in crx-indeling, installeer Chrome-extensies handmatig in de browser of deel de crx-bestanden met vrienden om Chrome-extensies eenvoudig te installeren.
Instructies voor het Gebruik van de Extensie
"DOM based XSS finder" is a Chrome extension that finds DOM based XSS vulnerabilities.
Finding DOM based XSS can be bothersome. This extension can be helpful. This extension has the following features:
- Notify if a user-input such as "location.href" leads to a dangerous function such as "eval".
- Fuzzing for user-inputs such as query, hash and referrer.
- Generate a PoC that generates a alert prompt.
This extension is actively developed. More features will be added in later versions.
**This tool is a dynamic JavaScript tracer, not a static JavaScript scanner. So you must execute JavaScript by manual crawling with this extension starting.**
Usage
1. Click the icon and hit "Start".
2. Browse pages that you want to scan.
3. If the extension finds a possible vulnerability of DOM based XSS, the extension shows a entry for that url.
4. Click "Detail" in the entry. A popup window show a source and a sink of the possible vulnerability.
5. Click "Check and Generate PoC" in the popup window. You can fuzzing the url. Basisinformatie over de Extensie
| Naam |  DOM based XSS finder |
| ID | ngmdldjheklkdchgkgnjoaabgejcnnoi |
| Officiële URL | https://chrome.google.com/webstore/detail/dom-based-xss-finder/ngmdldjheklkdchgkgnjoaabgejcnnoi |
| Beschrijving | A Chrome extension for finding DOM based XSS vulnerabilities |
| Bestandsgrootte | 2.46 MB |
| Aantal Installaties | 2,000 |
| Huidige Versie | 1.0.0 |
| Laatst Bijgewerkt | 2021-11-19 |
| Publicatiedatum | 2020-02-05 |
| Beoordeling | 2.50/5 Totaal 2 Beoordelingen |
| Ontwikkelaar | askn |
| [email protected] | |
| Betalingswijze | free |
| Extensiewebsite | https://github.com/AsaiKen/dom-based-xss-finder |
| Ondersteunde Talen | en |
| manifest.json | |
{
"update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
"name": "DOM based XSS finder",
"version": "1.0.0",
"manifest_version": 2,
"description": "A Chrome extension for finding DOM based XSS vulnerabilities",
"permissions": [
"storage",
"webNavigation",
"tabs",
"*:\/\/*\/",
"debugger",
"unlimitedStorage"
],
"icons": {
"16": "images\/app_icon_16.png",
"128": "images\/app_icon_128.png"
},
"content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'",
"browser_action": {
"default_icon": "images\/icon-black.png",
"default_title": "DOM based XSS finder",
"default_popup": "popup.html"
},
"background": {
"scripts": [
"background.js"
],
"persistent": true
},
"options_ui": {
"page": "options.html",
"open_in_tab": true
}
} | |
