Item logo image for postLogger

postLogger

https://ndevtk.github.io/writeups/
ExtensionPrivacy & Security89 users
Item media 2 (screenshot) for postLogger
Item media 1 (screenshot) for postLogger
Item media 2 (screenshot) for postLogger
Item media 1 (screenshot) for postLogger
Item media 1 (screenshot) for postLogger
Item media 2 (screenshot) for postLogger

Overview

Extension to log postMessage()

- console.info for postMessages from all_frames. - detects the scope of sent messages. - origins that are insecure due to being a sandbox domain or a wildcard, will be prefixed with UNSAFE. - detects if a website does not check MessageEvent.origin - MessageChannel API May cause unexpected behavior so please use it in a different browser profile and disable when not wanted. Code can be found at https://github.com/NDevTK/postLogger

0 out of 5No ratings

Google doesn't verify reviews. Learn more about results and reviews.

Details

  • Version
    1.4
  • Updated
    April 26, 2025
  • Size
    22.96KiB
  • Languages
    English
  • Developer
    Website
    Email
    ndevtk@protonmail.com
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Related

Trufflehog

4.6(9)

Sniffing out credentials

Endpoint Extractor

5.0(1)

Extracts endpoints from the current page.

FoxyProxy

3.8(781)

Easy to use advanced Proxy Management tool for everyone

postMessage Developer Tools

5.0(4)

Provides a dev tools panel to view postMessages for the current page

Hack-Tools

4.6(30)

The all in one Red team extension for web pentester

CSP Evaluator

3.1(31)

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

HackBar

4.2(54)

A browser extension for Penetration Testing

retire.js

4.9(10)

Scanning website for vulnerable js libraries

postMessageObserver

0.0(0)

A Chrome extension that allows you to observe the flow of postMessage messages on the side panel.

postMessage-catcher

3.0(2)

A Chrome extension that captures the content of postMessage.

Gecko

0.0(0)

Automated CSPT discovery tool

Shodan

4.5(137)

The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

Trufflehog

4.6(9)

Sniffing out credentials

Endpoint Extractor

5.0(1)

Extracts endpoints from the current page.

FoxyProxy

3.8(781)

Easy to use advanced Proxy Management tool for everyone

postMessage Developer Tools

5.0(4)

Provides a dev tools panel to view postMessages for the current page

Hack-Tools

4.6(30)

The all in one Red team extension for web pentester

CSP Evaluator

3.1(31)

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

HackBar

4.2(54)

A browser extension for Penetration Testing

retire.js

4.9(10)

Scanning website for vulnerable js libraries

Google apps