DOM Input Liberator de Lamisedaxeh
Pentesting tool: remove form restrictions, reveal hidden elements, bypass input validation
Metadate extensie
Capturi de ecran
Despre această extensie
A browser extension for penetration testing that removes client-side form restrictions, reveals hidden elements, and bypasses input validation. Works on Chrome and Firefox.
UI:
Features list:
UI:
- Popup — Toggle categories on/off individually or use "Liberate All" master toggle. Each category can be expanded to enable/disable specific items.
- Floating Badge — A counter badge appears on the page showing how many elements were modified. Click it to see a per-category breakdown. Click outside to dismiss.
- Highlighting — Modified elements are outlined in the category's color. Toggle highlighting on/off from the popup.
Features list:
- Form Controls: Remove
disabled,readonly,required,maxlength,minlength,pattern,multiple,acceptattributes, re-enableautocomplete, reveal password fields as plain text - Input Validation: Strip
min,max,stepattributes and convert restricted input types (number, email, url, date, etc.) to plain text fields - Hidden Fields: Convert
type="hidden"inputs to visible text fields with a purple dashed border so you can view and edit their values - Hidden Elements (CSS): Reveal elements hidden via
display: none,visibility: hidden,opacity: 0, thehiddenattribute, or collapsed<details>elements - Content Editing: Make all block-level elements contenteditable so you can modify any text on the page. Disabled by default
- Iframes: Reveal hidden iframes (zero-sized, display:none, opacity:0) with a labeled border showing their
src - Event Blockers: Remove inline event handlers that block user interaction:
onsubmit,onchange,oninput,oncopy,onpaste,oncut. Also prevents clipboard and context menu blocking - Size Constraints: Remove
cols,rows,sizeattributes from textareas/inputs and forceresize: bothon textareas - Comments: Unwrap HTML comments so their content becomes live DOM. Uncomment JS comments in inline scripts so commented-out code executes
- Fill Payloads: One-click button to fill all visible inputs with XSS, template injection, SQL injection, and path traversal test payloads
This tool is intended for authorized security testing and bug bounty programs. Only use it on applications you have permission to test.
Evaluat cu 0 de către 0 recenzori
Permisiuni și date
Permisiuni necesare:
- Să îți acceseze datele pentru toate site-urile web
Colectare de date:
- Dezvoltatorul spune că extensia nu necesită colectarea de date.
Mai multe informații
- Linkurile suplimentului
- Versiune
- 1.0.0
- Mărime
- 41,26 KB
- Ultima actualizare
- 4 zile în urmă (10 iul. 2026)
- Categorii conexe
- Istoricul versiunilor
- Adaugă în colecție