Comment by doomerhunter
3 days ago
Looks very cool. Wondering what the client-side security researchers will be able to find with that. A friend of mine is developping DomLoggerpp [1] notably to monitor and debug JavaScript sinks.
3 days ago
Looks very cool. Wondering what the client-side security researchers will be able to find with that. A friend of mine is developping DomLoggerpp [1] notably to monitor and debug JavaScript sinks.
Thanks! Tools like DomLoggerpp are super interesting for browser security work. I’ve worked in this area too (e.g., https://github.com/fcavallarin/domdig).
Wirebrowser comes at it from a different angle - no instrumentation, just inspecting the live heap and following how values propagate. Curious to see what people end up exploring with these approaches.