React2shell - RSC Sentinel nga Muhammad Uwais
A Firefox extension for detecting React2Shell vulnerabilities (CVE-2025-55182 and CVE-2025-66478) in web applications.
Tejtëdhëna Zgjerimi
Foto ekrani
Rreth këtij zgjerimi
Overview
RSC Sentinel is a Firefox browser extension for security researchers and educators who want to observe React Server Components (RSC) and Next.js App Router indicators while browsing. It focuses on passive detection by default, highlighting potential signals without altering site behavior. For authorized assessments, it also offers optional manual tools for active probing and controlled command execution initiated by the user.
Features
How Detection Works (High-Level)
RSC Sentinel evaluates a combination of runtime indicators, HTTP response headers, and response content patterns that are commonly associated with RSC and App Router behavior. Results are presented as signals and should be interpreted as indicators rather than definitive proof of vulnerability.
RSC Sentinel is a Firefox browser extension for security researchers and educators who want to observe React Server Components (RSC) and Next.js App Router indicators while browsing. It focuses on passive detection by default, highlighting potential signals without altering site behavior. For authorized assessments, it also offers optional manual tools for active probing and controlled command execution initiated by the user.
Features
- Passive Detection: Automatically watches for high-level RSC and App Router indicators during normal browsing.
- Active Probing: Allows a user-initiated fingerprint request to gather additional signals in a controlled manner.
- Manual Command Execution: Provides a manual, user-driven execution workflow intended strictly for authorized testing.
How Detection Works (High-Level)
RSC Sentinel evaluates a combination of runtime indicators, HTTP response headers, and response content patterns that are commonly associated with RSC and App Router behavior. Results are presented as signals and should be interpreted as indicators rather than definitive proof of vulnerability.
Vlerësuar me 5 nga 1 shqyrtues
Leje dhe të dhëna
Leje të domosdoshme:
- Të hyjë në të dhënat tuaja për krejt sajtet
Leje opsionale:
- Të hyjë në të dhënat tuaja për krejt sajtet
Grumbullim të dhënash:
- Zhvilluesi thotë se ky zgjerim s’lyp mbledhje të dhënash.
Më tepër të dhëna
- Version
- 1.1
- Madhësi
- 166,75 KB
- Përditësuar së fundi më
- 10 orë më parë (13 Shk 2026)
- Kategori të Afërta
- Licencë
- Mozilla Public License 2.0
- Historik Versionesh
- Shtojeni në koleksion