DOM based XSS finder
A Chrome extension for finding DOM based XSS vulnerabilities
What is DOM based XSS finder?
Stats
- storage
- webNavigation
- tabs
- *://*/
- debugger
- unlimitedStorage
Other platforms
Summary
"DOM based XSS finder" is a Chrome extension that finds DOM based XSS vulnerabilities.
Finding DOM based XSS can be bothersome. This extension can be helpful. This extension has the following features:
- Notify if a user-input such as "location.href" leads to a dangerous function such as "eval".
- Fuzzing for user-inputs such as query, hash and referrer.
- Generate a PoC that generates a alert prompt.
This extension is actively developed. More features will be added in later versions.
This tool is a dynamic JavaScript tracer, not a static JavaScript scanner. So you must execute JavaScript by manual crawling with this extension starting.
Usage
- Click the icon and hit "Start".
- Browse pages that you want to scan.
User reviews
Safety
Risk impact
DOM based XSS finder is very risky to use and it requires a lot of sensitive permissions. Avoid installing this extension unless you absolutely trust this publisher.
Risk likelihood
DOM based XSS finder may not be trust-worthy. Avoid installing if possible unless you really trust this publisher.
Similar extensions
Here are some Chrome extensions that are similar to DOM based XSS finder:
![HackBar](https://ssl.gstatic.com/chrome/webstore/images/thumb_1280x800.png)