Chrome Extensions Developer Tools Chrome Extension Untrusted Types for DevTools chrome extension

Untrusted Types for DevTools chrome extension

Version: 1.1.1
Untrusted Types for DevTools
Abusing Trusted Types to discover XSS sinks.
5.00 Based on 3 user rates
Read reviews & comments

What is Untrusted Types for DevTools?

Untrusted Types for DevTools is a developer tools chrome extension. it's a free extension , it has 1,000+ active users since released its first version, it earns an average rating of 5.00 from 3 rated user, last update is 928 days ago.

What’s new in version 1.1.1? 

                Discover and test inputs passed into sinks that could lead to DOM XSS vulnerabilities.

A sink is a code pattern that could run arbitrary JavaScript code if the input is malicious, for example: innerHTML, eval, document.write.

This extension adds a panel to DevTools where you can see/filter the sink logs and customize settings.

Keywords (by default: "d0mxss") that are found to be passed in a sink will be highlighted in the extension and in console.

You can then find the stack trace of a specific log:
1. Click to copy the ID,
2. Open Console>Filter and paste the ID,
3. Now you can inspect the stack trace. Click on the function name to open it in the Sources tab.

How to install Untrusted Types for DevTools?

You could download the latest version crx file or older version files and install it.

Preview of Untrusted Types for DevTools

Technical Features:

  • Latest Version: 1.1.1
  • Requirements: Windows Chrome, Mac Chrome
  • License: Free
  • Latest update: Tuesday, October 12th, 2021
  • Author: Thomas Orlita

Untrusted Types for DevTools Available languages:

English.

FAQ

Reviews of untrusted types for devtools:

Rizan Fauzi August 31st, 2021
Rizan Fauzi

fantastic tool! helps me display the xss dom sink in devtools console! Thanks

Read more review & comments of untrusted types for devtools