DOM based XSS finder
A Chrome extension for finding DOM based XSS vulnerabilities
Vad är DOM based XSS finder?
DOM based XSS finder är en Chrome-tillägg utvecklad av askn, och dess huvudfunktion är "A Chrome extension for finding DOM based XSS vulnerabilities".
Tilläggsskärmbilder
Ladda ner DOM based XSS finder-förlängningens CRX-fil
Ladda ner DOM based XSS finder-filändelser i crx-format, installera Chrome-tillägg manuellt i webbläsaren eller dela crx-filerna med vänner för att enkelt installera Chrome-tillägg.
Användarmanual för Tillägg
"DOM based XSS finder" is a Chrome extension that finds DOM based XSS vulnerabilities.
Finding DOM based XSS can be bothersome. This extension can be helpful. This extension has the following features:
- Notify if a user-input such as "location.href" leads to a dangerous function such as "eval".
- Fuzzing for user-inputs such as query, hash and referrer.
- Generate a PoC that generates a alert prompt.
This extension is actively developed. More features will be added in later versions.
**This tool is a dynamic JavaScript tracer, not a static JavaScript scanner. So you must execute JavaScript by manual crawling with this extension starting.**
Usage
1. Click the icon and hit "Start".
2. Browse pages that you want to scan.
3. If the extension finds a possible vulnerability of DOM based XSS, the extension shows a entry for that url.
4. Click "Detail" in the entry. A popup window show a source and a sink of the possible vulnerability.
5. Click "Check and Generate PoC" in the popup window. You can fuzzing the url. Grundläggande Information om Tillägg
| Namn |  DOM based XSS finder |
| ID | ngmdldjheklkdchgkgnjoaabgejcnnoi |
| Officiell webbadress | https://chrome.google.com/webstore/detail/dom-based-xss-finder/ngmdldjheklkdchgkgnjoaabgejcnnoi |
| Beskrivning | A Chrome extension for finding DOM based XSS vulnerabilities |
| Filstorlek | 2.46 MB |
| Antal Installationer | 2,000 |
| Aktuell Version | 1.0.0 |
| Senast Uppdaterad | 2021-11-19 |
| Publiceringsdatum | 2020-02-05 |
| Betyg | 2.50/5 Totalt 2 Betyg |
| Utvecklare | askn |
| E-post | [email protected] |
| Betalningssätt | free |
| Tilläggswebbplats | https://github.com/AsaiKen/dom-based-xss-finder |
| Stödda Språk | en |
| manifest.json | |
{
"update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
"name": "DOM based XSS finder",
"version": "1.0.0",
"manifest_version": 2,
"description": "A Chrome extension for finding DOM based XSS vulnerabilities",
"permissions": [
"storage",
"webNavigation",
"tabs",
"*:\/\/*\/",
"debugger",
"unlimitedStorage"
],
"icons": {
"16": "images\/app_icon_16.png",
"128": "images\/app_icon_128.png"
},
"content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'",
"browser_action": {
"default_icon": "images\/icon-black.png",
"default_title": "DOM based XSS finder",
"default_popup": "popup.html"
},
"background": {
"scripts": [
"background.js"
],
"persistent": true
},
"options_ui": {
"page": "options.html",
"open_in_tab": true
}
} | |
