DOM Input Liberator od Lamisedaxeh
Pentesting tool: remove form restrictions, reveal hidden elements, bypass input validation
Metadata rozšíření
Snímky obrazovky
O tomto rozšíření
A browser extension for penetration testing that removes client-side form restrictions, reveals hidden elements, and bypasses input validation. Works on Chrome and Firefox.
UI:
Features list:
UI:
- Popup — Toggle categories on/off individually or use "Liberate All" master toggle. Each category can be expanded to enable/disable specific items.
- Floating Badge — A counter badge appears on the page showing how many elements were modified. Click it to see a per-category breakdown. Click outside to dismiss.
- Highlighting — Modified elements are outlined in the category's color. Toggle highlighting on/off from the popup.
Features list:
- Form Controls: Remove
disabled,readonly,required,maxlength,minlength,pattern,multiple,acceptattributes, re-enableautocomplete, reveal password fields as plain text - Input Validation: Strip
min,max,stepattributes and convert restricted input types (number, email, url, date, etc.) to plain text fields - Hidden Fields: Convert
type="hidden"inputs to visible text fields with a purple dashed border so you can view and edit their values - Hidden Elements (CSS): Reveal elements hidden via
display: none,visibility: hidden,opacity: 0, thehiddenattribute, or collapsed<details>elements - Content Editing: Make all block-level elements contenteditable so you can modify any text on the page. Disabled by default
- Iframes: Reveal hidden iframes (zero-sized, display:none, opacity:0) with a labeled border showing their
src - Event Blockers: Remove inline event handlers that block user interaction:
onsubmit,onchange,oninput,oncopy,onpaste,oncut. Also prevents clipboard and context menu blocking - Size Constraints: Remove
cols,rows,sizeattributes from textareas/inputs and forceresize: bothon textareas - Comments: Unwrap HTML comments so their content becomes live DOM. Uncomment JS comments in inline scripts so commented-out code executes
- Fill Payloads: One-click button to fill all visible inputs with XSS, template injection, SQL injection, and path traversal test payloads
This tool is intended for authorized security testing and bug bounty programs. Only use it on applications you have permission to test.
Hodnocení: 0 od 0 redaktorů
Oprávnění a data
Požadovaná oprávnění:
- Přistupovat k vašim datům pro všechny webové stránky
Sběr dat:
- Podle vývojáře toto rozšíření nevyžaduje sběr dat.
Další informace
- Odkazy doplňku
- Verze
- 1.0.0
- Velikost
- 41,26 KB
- Poslední aktualizace
- před 4 dny (10. čvc 2026)
- Příbuzné kategorie
- Historie změn
- Přidat do sbírky