Untrusted Types for DevTools
Overview
Untrusted Types for DevTools is a Chrome extension developed by Thomas Orlita.
According to the data from Chrome web store, current version of Untrusted Types for DevTools is 1.1.1, updated on 2021-10-12.
1,000+ users have installed this extension.
3 users have rated this extension with an average rating of .
Abusing Trusted Types to discover XSS sinks.
Discover and test inputs passed into sinks that could lead to DOM XSS vulnerabilities.
A sink is a code pattern that could run arbitrary JavaScript code if the input is malicious, for example: innerHTML, eval, document.write.
This extension adds a panel to DevTools where you can see/filter the sink logs and customize settings.
Keywords (by default: "d0mxss") that are found to be passed in a sink will be highlighted in the extension and in console.
You can then find the stack trace of a specific log:
1. Click to copy the ID,
2. Open Console>Filter and paste the ID,
3. Now you can inspect the stack trace. Click on the function name to open it in the Sources tab.
Untrusted Types for DevTools Alternatives
Latest Reviews
See More
Rizan Fauzi
2021-08-31
fantastic tool! helps me display the xss dom sink in devtools console! Thanks |
Rizan Fauzi
2021-08-31
fantastic tool! helps me display the xss dom sink in devtools console! Thanks |
Rizan Fauzi
2021-08-31
fantastic tool! helps me display the xss dom sink in devtools console! Thanks |
Rizan Fauzi
2021-08-31
fantastic tool! helps me display the xss dom sink in devtools console! Thanks |
Rizan Fauzi
2021-08-31
fantastic tool! helps me display the xss dom sink in devtools console! Thanks |