Log in
Preview of DOMLogger++

DOMLogger++ by Kévin (Mizu)

DOMLogger++ allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

5 (3 reviews)
249 Users
You'll need Firefox to use this extension
Download Firefox and get the extension
Download file
Screenshots
About this extension
Description:

DOMLogger++ is a browser extension developed for web developers and security researchers. It hooks into specific JavaScript sinks, helping users understand how web scripts operate. With customizable JSON settings, users can adjust how the extension works according to their needs.

This tool is especially useful for those looking to identify security risks in web applications. By offering insights into JavaScript interactions, DOMLogger++ can help spot potential vulnerabilities in websites.

Features:

- [x] Regex-based domain management.
- [x] Flexible hooking configuration (class, function, attribute, event).
- [x] Regex-based hooks arguments and stack trace filtering (match, !match, matchTrace, !matchTrace).
- [x] Dynamic regex generation (exec:).
- [x] Dynamic sinks arguments update (hookFunction).
- [x] Customizable notifications system (alert, notification).
- [x] Required hook logging condition (requiredHook).
- [x] On-demand debugging breakpoints.
- [x] Integrated Devtools log panel.
- [x] Response headers filtering.
- [x] Remote logging via webhooks.
- [x] Extensive theme customization.
Rated 5 by 3 reviewers

Star rating saved

5
3
4
0
3
0
2
0
1
0
Permissions and dataLearn more

Required permissions:

  • Extend developer tools to access your data in open tabs
  • Display notifications to you
  • Access browser tabs
  • Access your data for all websites
More information
Version
1.0.8
Size
720.99 KB
Last updated
6 months ago (Feb 27, 2025)
Version History
Add to collection
Report this add-on
Release notes for 1.0.8
Added
  • A new title hint has been added to the options config editor (#35) (Thanks Maltemo).
  • Introduced a new logOnly storage dev flag (this will be useful in upcoming versions).
  • Several shortcuts have been added to the options config editor, making JSON editing easier (see README.md).
  • Two new shortcuts have been added on all pages for quick access to the popup and options (see README.md).
  • The JSON editor now features syntax highlighting and line numbers.
  • A new GLOBAL.json config file is available, allowing shared common settings across configurations.

Updated
  • Custom types have been removed. The custom object is now transparent and no longer causes a race condition that hide certain sinks from the logger.
  • The hideThis option has been removed and replaced with showThis. Now, by default, this= will not appear in logs.
  • The CSPT.json config has been updated to log the method as well.

Fixed
  • The "Go to" button is now working again. It should no longer incorrectly match every identical sink in a JavaScript file.
  • Hooking Object.defineProperty should no longer cause a DoS.
  • Several fixes have been applied to the workshop application (#33) (Thanks owalid).
  • An HTML injection in the DevTools panel has been fixed (Thanks W0rty).
  • The DataTables error in DevTools has been fixed, and the alert error should no longer appear.
More extensions by Kévin (Mizu)