WebSurgeon

Advanced network inspection with request highlighting, color tagging, request repeating, passive scanner for JS files and retirejs

WebSurgeon is a powerful browser-native security toolkit for web application testers, bug bounty hunters, and developers who need deep visibility into HTTP traffic — without leaving the browser. 🔍 ADVANCED NETWORK INSPECTION Go beyond DevTools. Capture, filter, and analyze every request with a high-signal interface designed for security workflows. Spot anomalies fast with color-coded request tagging and real-time highlighting. 🏷️ REQUEST HIGHLIGHTING & COLOR TAGGING Visually organize traffic by marking requests with custom color tags. Track interesting endpoints, flag suspicious patterns, and keep your testing sessions organized across complex applications. 🔁 REQUEST REPEATING Resend any captured request with a single click — no need to trigger the original action again. Tweak parameters, headers, or payloads on the fly for quick manual testing. 🛡️ PASSIVE JAVASCRIPT SCANNER Automatically analyzes JavaScript files loaded by the page for hardcoded secrets, API keys, sensitive strings, and security misconfigurations — passively, with no active probing required. 📦 RETIREJS INTEGRATION Detects outdated and vulnerable JavaScript libraries using the RetireJS vulnerability database. Know instantly when a page relies on a component with a known CVE. 🔗 LINK FINDER Extracts all URLs, endpoints, and paths discovered within JS files and page source — surfacing hidden API routes, internal paths, and forgotten endpoints that standard crawlers miss. --- WHO IS THIS FOR? • Bug bounty hunters doing recon and passive analysis • Penetration testers performing web application assessments • Security engineers auditing third-party JS dependencies • Developers checking their own apps for accidental exposure --- PRIVACY & PERMISSIONS WebSurgeon only inspects traffic in the active tab when you choose to run it. No data is sent to external servers. All analysis happens locally in your browser.