Rreth këtij zgjerimi
Description:

DOMLogger++ is a browser extension developed for web developers and security researchers. It hooks into specific JavaScript sinks, helping users understand how web scripts operate. With customizable JSON settings, users can adjust how the extension works according to their needs.

This tool is especially useful for those looking to identify security risks in web applications. By offering insights into JavaScript interactions, DOMLogger++ can help spot potential vulnerabilities in websites.

Features:

- [x] Regex-based domain management.
- [x] Flexible hooking configuration (class, function, attribute, event).
- [x] Regex-based hooks arguments and stack trace filtering (match, !match, matchTrace, !matchTrace).
- [x] Dynamic regex generation (exec:).
- [x] Dynamic sinks arguments update (hookFunction).
- [x] Customizable notifications system (alert, notification).
- [x] Required hook logging condition (requiredHook).
- [x] On-demand debugging breakpoints.
- [x] Integrated Devtools log panel.
- [x] Response headers filtering.
- [x] Remote logging via webhooks.
- [x] Extensive theme customization.
Vlerësoni rastin tuaj
A po ju pëlqen DOMLogger++?

Vlerësimi me yje u ruajt

Shënime hedhjeje në qarkullim për 1.0.8
Added
  • A new title hint has been added to the options config editor (#35) (Thanks Maltemo).
  • Introduced a new logOnly storage dev flag (this will be useful in upcoming versions).
  • Several shortcuts have been added to the options config editor, making JSON editing easier (see README.md).
  • Two new shortcuts have been added on all pages for quick access to the popup and options (see README.md).
  • The JSON editor now features syntax highlighting and line numbers.
  • A new GLOBAL.json config file is available, allowing shared common settings across configurations.

Updated
  • Custom types have been removed. The custom object is now transparent and no longer causes a race condition that hide certain sinks from the logger.
  • The hideThis option has been removed and replaced with showThis. Now, by default, this= will not appear in logs.
  • The CSPT.json config has been updated to log the method as well.

Fixed
  • The "Go to" button is now working again. It should no longer incorrectly match every identical sink in a JavaScript file.
  • Hooking Object.defineProperty should no longer cause a DoS.
  • Several fixes have been applied to the workshop application (#33) (Thanks owalid).
  • An HTML injection in the DevTools panel has been fixed (Thanks W0rty).
  • The DataTables error in DevTools has been fixed, and the alert error should no longer appear.