Item logo image for Gecko

Gecko

ExtensionDeveloper Tools103 users
Item media 1 (screenshot) for Gecko

Overview

Automated CSPT discovery tool

Gecko is an open-source (https://github.com/vitorfhc/gecko/) powerful Chrome extension designed for web security enthusiasts and professionals. Effortlessly detect client-side path traversal vulnerabilities directly within your browser. Key Features: - Comprehensive UI: Clearly view and manage all security findings in one intuitive interface. - Easy Configuration: Quickly customize detection settings through a convenient popup. - Real-Time Detection: Automatically intercept HTTP requests to identify client-side path traversals. - Partial Matching: Supports partial match detection to enhance coverage and precision.

0 out of 5No ratings

Google doesn't verify reviews. Learn more about results and reviews.

Details

  • Version
    1.4.1
  • Updated
    June 17, 2025
  • Size
    703KiB
  • Languages
    English
  • Developer
    Email
    vitorfhcosta@gmail.com
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

For help with questions, suggestions, or problems, visit the developer's support site

Related

retire.js

4.9(10)

Scanning website for vulnerable js libraries

EndPointer

5.0(2)

An endpoint parser and extractor with many flexible features

DotGit

4.8(12)

An extension for checking if .git is exposed in visited websites

DOMLogger++

5.0(5)

DOMLogger++ allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

Untrusted Types for DevTools

5.0(3)

Abusing Trusted Types to discover XSS sinks.

S3BucketList

5.0(1)

S3BucketList automatically scans network requests made by your browser to detect Amazon S3 bucket URLs

YesWeHack VDP Finder

5.0(3)

This extension tells if visited sites have vulnerability disclosure programs

FindSomething

4.9(37)

在网页的源代码或js中找到一些有趣的东西

HackBar

4.2(54)

A browser extension for Penetration Testing

Altair GraphQL Client

4.6(70)

A beautiful feature-rich GraphQL Client for all platforms.

FoxyProxy

3.8(782)

Easy to use advanced Proxy Management tool for everyone

Endpoint Extractor

5.0(2)

Extracts endpoints from the current page.

retire.js

4.9(10)

Scanning website for vulnerable js libraries

EndPointer

5.0(2)

An endpoint parser and extractor with many flexible features

DotGit

4.8(12)

An extension for checking if .git is exposed in visited websites

DOMLogger++

5.0(5)

DOMLogger++ allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

Untrusted Types for DevTools

5.0(3)

Abusing Trusted Types to discover XSS sinks.

S3BucketList

5.0(1)

S3BucketList automatically scans network requests made by your browser to detect Amazon S3 bucket URLs

YesWeHack VDP Finder

5.0(3)

This extension tells if visited sites have vulnerability disclosure programs

FindSomething

4.9(37)

在网页的源代码或js中找到一些有趣的东西

Google apps