Tracy

A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

Tracy - Your XSS Detection Extension for Chrome

The Chrome extension 'Tracy' is dedicated to making XSS detection more effective by focusing on sources of input and their corresponding sinks in a web application. Unlike other tools that only target server response reflection, Tracy achieves a more thorough inspection by providing 'x-ray vision into the DOM'. Tracy aids penetration testers in tracing potential risks while documenting and storing them as effective references.
Download
Install from Chrome Web Store

Extension stats

Manifest V2
Users: 570
-10
Rating: 4.00
(3)
1 new ratings
Version: 0.9.2 (Last updated: 2021-05-21)
Creation date: 2020-05-11
Permissions:
  • <all_urls>
  • storage
  • webRequest
Size: 920.58K
Full description: See detailed description

Ranking

# 38,554 ▼ 294
Other rankings
#7488 in Developer Tools ▲ 100

Other platforms

Not available on Android
Not available on Firefox
Not available on Edge

User reviews

Initial Review: ---------------- Installs cleanly, loads fine, however there is not comphrensive documentation (yet) to explain what exactly its doing to help pentest a site. Very cryptic desc. of its functions. I will report back once i learn some more but you should have a very firm handle on XSS before using this
by Mistah Mark, 2021-05-16
Quite the tool to look for XSS...a must have tool
by Emmanuel Odota, 2019-07-28
View all user reviews

Extension safety

Risk impact

Tracy requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.

Risk impact analysis details
  • Critical Allows access to all websites, posing a significant security risk as it can monitor and modify data from any visited site.
  • Critical ****** ****** ** ******* ***** ***** *** ** **** ** ***** **** ******** ****** *** ******** ********** * ******* ********
  • High ******* ******* **** *** ****** ***** *** ***** ** ******* **** ********* ********* ** * *********** *****
  • Low ******* ****** ** *** ********* ********
Risk likelihood

We don't have sufficient data to confidently determine the risk likelihood of Tracy. Use it at your own risk.

Risk likelihood analysis details
  • High This extension has low user count. Unpopular extensions may not be stable or safe.
  • Low **** ********* *** ******* **** **** * ****** **** ***** ******** *** **** ****** ** ** ****** *** *****
  • Low **** ********* *** ***** **** **** * ****** **** ***** ********** *** **** ****** ** ** ****** *** *****
  • Good **** ********* *** **** **** *******
Upgrade to see full risk analysis details

Similar extensions

Here are some Chrome extensions that are similar to Tracy:

Bishop Vulnerability Scanner
Bishop Vulnerability Scanner
Jack Kingsman
3K 3.75 (12)
ZoomEye Tools
ZoomEye Tools
knownseczoomeye
3K 3.67 (6)
Display Access Keys
Display Access Keys
dharris
330 4.33 (3)
Untrusted Types for DevTools
Untrusted Types for DevTools
Thomas Orlita
1,000 5.00 (3)
HackBar
HackBar
0140454
80K 4.21 (53)
CounterXSS
CounterXSS
playarun93
483 5.00 (3)
Breakbot
Breakbot
https://jacksbrain.com
290 3.80 (5)
Vulners Web Scanner
Vulners Web Scanner
vankyver
9K 4.55 (20)
Input hidden Monitor
Input hidden Monitor
Bohumil Beran
315 0.00 (0)
Plugin Vulnerabilities
Plugin Vulnerabilities
White Fir Design
427 5.00 (1)
Investigate with Lacework
Investigate with Lacework
Lacework
204 0.00 (0)
should-i-trust
should-i-trust
ericalexander.org
195 0.00 (0)