Share
## https://sploitus.com/exploit?id=34009479-5108-58B7-9213-1086684D41BC
# VulnRadar โ€“ Web Security Scanner

A Chrome extension for web security penetration testing, featuring six detection modules. ## Features

### 1. JS Endpoint Discovery
- Extracts API endpoints from JavaScript files
- Tests endpoint accessibility concurrently, with timeout control supported
- Detects sensitive data (API keys, tokens, passwords, AWS keys, private keys, ID cards)
- Analyzes response types and sizes
- Intelligent filtering of dangerous operations
- **403 Auto Bypass**: 8 bypass techniques
- **One-Click Testing**: Test buttons available after each interface
- **Vulnerability pop-up alerts**

### 2. Sensitive Directory Discovery
- Scans common sensitive paths (Swagger, Actuator, Git leaks, etc.)
- Detects configuration file leaks (.git, .svn, .DS_Store)
- Identifies backup files (www.zip, backup.zip, etc.)
- Checks intermediate management pages (Tomcat, Druid, Nacos, etc.)
- **One-Click Testing**: Test buttons available after each path
- **Vulnerability pop-up alerts**

### 3. DOM XSS Detection
- Monitors dangerous sinks (innerHTML, eval, document.write, etc.)
- Checks polluted data streams from URLs/hashes/referrers
- Identifies XSS patterns in URL parameters
- Real-time hooks and alerts
- **Vulnerability pop-up alerts**

### 4. Cross-Domain Message Tracking
- Monitors cross-domain message transmission events
- Captures message data, source, and origin
- Records timestamps of all events

### 5. Prototype Pollution Detection
- Tests prototype pollution vulnerabilities in URL parameters
- Generates multiple payload variants
- Reports vulnerable parameters
- **Vulnerability pop-up alerts**

### 6. Redirection Vulnerability Detection
- Detects open redirection vulnerabilities
- Analyzes URL parameter names and values
- Automatically decodes (URL encoding, double encoding)
- Identifies dangerous protocols (javascript:, data:)
- Generates test payloads
- **Vulnerability pop-up alerts**

## Installation

1. Clone or download this repository
2. Open Chrome and visit `chrome://extensions/`
3. Enable "Developer Mode" in the top right corner
4. Click "Load Unpacked Extensions"
5. Select the `bmscan` directory

## Usage

### Manual Scanning
1. Click the extension icon
2. Click "Test Now" for any module
3. View results in the browser console
4. Automatic pop-up alerts when vulnerabilities are found

### Automatic Scanning Mode
1. Click the extension icon
2. Switch the "Automatic" switch for desired modules
3. Modules run automatically every time the page loads

### Result Viewing
- **Floating Panel**: Results displayed directly in a draggable panel at the top of the page
- **Console**: Detailed information output to the browser console
- **Popup Summary**: Detection summaries displayed in the extension pop-up
- **Resizable Panel**: Can be manually resized

## Output

Results are output using `console.table()`, making them easy to read. Additionally, a macOS-style floating result panel is displayed at the top of the page.

## Permissions

- `activeTab`: Access to the current tab
- `scripting`: Inject content scripts
- `storage`: Save automatic scan preferences
- `tabs`: Monitor page loading
- ``: Access to all websites

## Development

Project structure:
```
bmscan/
โ”œโ”€โ”€ manifest.json
โ”œโ”€โ”€ popup.html
โ”œโ”€โ”€ popup.js
โ”œโ”€โ”€ background.js
โ”œโ”€โ”€ icons/
โ”‚   โ”œโ”€โ”€ icon16.png
โ”‚   โ”œโ”€โ”€ icon48.png
โ”‚   โ””โ”€โ”€ icon128.png
โ””โ”€โ”€ content_scripts/
    โ”œโ”€โ”€ results-panel.js
    โ”œโ”€โ”€ endpoint-finder.js
    โ”œโ”€โ”€ sensitive-dir-finder.js
    โ”œโ”€โ”€ dom-xss-detector.js
    โ”œโ”€โ”€ postmessage-tracker.js
    โ”œโ”€โ”€ prototype-pollution.js
    โ””โ”€โ”€ redirect-detector.js
```

## License

MIT