abusing trusted types to discover XSS sinks..
Discover and test inputs passed into sinks that could lead to dom xss vulnerabilities.
A sink is a code pattern that could run arbitrary javascript code if the input is malicious, for example: innerHTML, eval, document.write.
This extension adds a panel to DevTools where you can see/filter the sink logs and customize settings.
Keywords (by default: "d0mxss") that are found to be passed in a sink will be highlighted in the extension and in console.
You can then find the stack trace of a specific log:
1. Click to copy the ID,
2. Open Console>Filter and paste the ID,
3. Now you can inspect the stack trace. Click on the function name to open it in the Sources tab.
You can Follow the below Step By Step procedure to install the Untrusted Types for DevTools Chrome Extension to your Chrome Web browser.
It is the Untrusted Types for DevTools Chrome extension download link you can download and install Chrome Browser.
Tags: Code Pattern , Open Console Filter , Customize Settings , Stack Trace , Arbitrary Javascript Code , Dom Xss Vulnerabilities , Xss Sinks , Test Inputs , Discover Xss Sinks , Sink Logs ,
Makes ReasonML types more readable when they are logged to the console.
Regain control of the web and surf more securely.
This extension avoids untrusted shopping sites.
Protect browsers from accessing untrusted websites.
Manages DevTools with Node V8 Inspector (node --inspect) Debugging Workflow
A highly customized dark theme for Devtools.
Chrome and Firefox DevTools extension for debugging Vue.js applications.
Check email recipients before sending
Change Chrome Devtool Styles
RxJS DevTools extension for debugging streams