Tracy is a developer tools chrome extension. it's a free extension , it has 641 active users since released its first version, it earns an average rating of 4.00 from 2 rated user, last update is 1072 days ago.
There are many different ways to trigger XSS, especially considering the large number of frontend frameworks that have been made popular in the last few years. For example, some of the less traditional ways of exploiting XSS can be through: * DOM clobbering * DOM injection * Frontend template injection * Backend template injection * Open redirects These attack vectors are significantly different than traditional stored and reflected XSS cases and they require new tools for finding them effectively. Many similar tools only look for server response reflection, however this is not very helpful if all output encoding is performed by the frontend. In order to really gain knowledge about all the true sinks of the application, we need a tool that grants us "X-ray vision into the DOM". This extensions was written with the goal of eliminating XSS by assisting a penetration tester in identifying every source of input into an application and following that input to all of its sinks. These cases are documented and stored as references that can be used to identify the locations of potentially risky input.
You could download the latest version crx file or older version files and install it.
English (United States).
50% user give 5-star rating, 50% user give 3-star rating. Read reviews of tracy
You could find more help information from tracy support page.
You could send emails to publisher, or check publisher's website.
More about manifest_file of tracy.
You could click to report abuse of tracy.
Initial Review: ---------------- Installs cleanly, loads fine, however there is not comphrensive documentation (yet) to explain what exactly its doing to help pentest a site. Very cryptic desc. of its functions. I will report back once i learn some more but you should have a very firm handle on XSS before using this
Quite the tool to look for XSS...a must have tool