Item logo image for postLogger

postLogger

ndevtk.github.io/writeups
ExtensionPrivacy & Security89 users
Item media 2 (screenshot) for postLogger
Item media 1 (screenshot) for postLogger
Item media 2 (screenshot) for postLogger
Item media 1 (screenshot) for postLogger
Item media 1 (screenshot) for postLogger
Item media 2 (screenshot) for postLogger

Overview

Extension to log postMessage()

- console.info for postMessages from all_frames. - detects the scope of sent messages. - origins that are insecure due to being a sandbox domain or a wildcard, will be prefixed with UNSAFE. - detects if a website does not check MessageEvent.origin - MessageChannel API May cause unexpected behavior so please use it in a different browser profile and disable when not wanted. Code can be found at https://github.com/NDevTK/postLogger

0 out of 5No ratings

Google doesn't verify reviews. Learn more about results and reviews.

Details

  • Version
    1.2
  • Updated
    November 20, 2024
  • Size
    22.61KiB
  • Languages
    English
  • Developer
    Website
    Email
    ndevtk@protonmail.com
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Related

Trufflehog

4.6(9)

Sniffing out credentials

FoxyProxy

3.8(777)

Easy to use advanced Proxy Management tool for everyone

postMessage Developer Tools

5.0(4)

Provides a dev tools panel to view postMessages for the current page

Untrusted Types for DevTools

5.0(3)

Abusing Trusted Types to discover XSS sinks.

Hack-Tools

4.6(28)

The all in one Red team extension for web pentester

CSP Evaluator

3.2(30)

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

HackBar

4.2(53)

A browser extension for Penetration Testing

retire.js

4.9(9)

Scanning website for vulnerable js libraries

postMessageObserver

0.0(0)

A Chrome extension that allows you to observe the flow of postMessage messages on the side panel.

postMessage-catcher

3.0(2)

A Chrome extension that captures the content of postMessage.

Shodan

4.5(137)

The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

JSBeautify for Google Chrome™

3.7(52)

When you view a JavaScript file, Clippy will ask you if you want to format it.

Trufflehog

4.6(9)

Sniffing out credentials

FoxyProxy

3.8(777)

Easy to use advanced Proxy Management tool for everyone

postMessage Developer Tools

5.0(4)

Provides a dev tools panel to view postMessages for the current page

Untrusted Types for DevTools

5.0(3)

Abusing Trusted Types to discover XSS sinks.

Hack-Tools

4.6(28)

The all in one Red team extension for web pentester

CSP Evaluator

3.2(30)

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

HackBar

4.2(53)

A browser extension for Penetration Testing

retire.js

4.9(9)

Scanning website for vulnerable js libraries

Google apps