Share
## https://sploitus.com/exploit?id=34009479-5108-58B7-9213-1086684D41BC
# VulnRadar โ Web Security Scanner
A Chrome extension for web security penetration testing, featuring six detection modules. ## Features
### 1. JS Endpoint Discovery
- Extracts API endpoints from JavaScript files
- Tests endpoint accessibility concurrently, with timeout control supported
- Detects sensitive data (API keys, tokens, passwords, AWS keys, private keys, ID cards)
- Analyzes response types and sizes
- Intelligent filtering of dangerous operations
- **403 Auto Bypass**: 8 bypass techniques
- **One-Click Testing**: Test buttons available after each interface
- **Vulnerability pop-up alerts**
### 2. Sensitive Directory Discovery
- Scans common sensitive paths (Swagger, Actuator, Git leaks, etc.)
- Detects configuration file leaks (.git, .svn, .DS_Store)
- Identifies backup files (www.zip, backup.zip, etc.)
- Checks intermediate management pages (Tomcat, Druid, Nacos, etc.)
- **One-Click Testing**: Test buttons available after each path
- **Vulnerability pop-up alerts**
### 3. DOM XSS Detection
- Monitors dangerous sinks (innerHTML, eval, document.write, etc.)
- Checks polluted data streams from URLs/hashes/referrers
- Identifies XSS patterns in URL parameters
- Real-time hooks and alerts
- **Vulnerability pop-up alerts**
### 4. Cross-Domain Message Tracking
- Monitors cross-domain message transmission events
- Captures message data, source, and origin
- Records timestamps of all events
### 5. Prototype Pollution Detection
- Tests prototype pollution vulnerabilities in URL parameters
- Generates multiple payload variants
- Reports vulnerable parameters
- **Vulnerability pop-up alerts**
### 6. Redirection Vulnerability Detection
- Detects open redirection vulnerabilities
- Analyzes URL parameter names and values
- Automatically decodes (URL encoding, double encoding)
- Identifies dangerous protocols (javascript:, data:)
- Generates test payloads
- **Vulnerability pop-up alerts**
## Installation
1. Clone or download this repository
2. Open Chrome and visit `chrome://extensions/`
3. Enable "Developer Mode" in the top right corner
4. Click "Load Unpacked Extensions"
5. Select the `bmscan` directory
## Usage
### Manual Scanning
1. Click the extension icon
2. Click "Test Now" for any module
3. View results in the browser console
4. Automatic pop-up alerts when vulnerabilities are found
### Automatic Scanning Mode
1. Click the extension icon
2. Switch the "Automatic" switch for desired modules
3. Modules run automatically every time the page loads
### Result Viewing
- **Floating Panel**: Results displayed directly in a draggable panel at the top of the page
- **Console**: Detailed information output to the browser console
- **Popup Summary**: Detection summaries displayed in the extension pop-up
- **Resizable Panel**: Can be manually resized
## Output
Results are output using `console.table()`, making them easy to read. Additionally, a macOS-style floating result panel is displayed at the top of the page.
## Permissions
- `activeTab`: Access to the current tab
- `scripting`: Inject content scripts
- `storage`: Save automatic scan preferences
- `tabs`: Monitor page loading
- ``: Access to all websites
## Development
Project structure:
```
bmscan/
โโโ manifest.json
โโโ popup.html
โโโ popup.js
โโโ background.js
โโโ icons/
โ โโโ icon16.png
โ โโโ icon48.png
โ โโโ icon128.png
โโโ content_scripts/
โโโ results-panel.js
โโโ endpoint-finder.js
โโโ sensitive-dir-finder.js
โโโ dom-xss-detector.js
โโโ postmessage-tracker.js
โโโ prototype-pollution.js
โโโ redirect-detector.js
```
## License
MIT