bghmfoakiidiedpheejcjhciekobjcjp
Chrome Developer Tools [API 🔎] panel tries to gather every bit of useful information from the usage of certain native functions that are prone to human errors, or are difficult to spot intuitively. Motivation To assess Web Application implementation correctness and expedite issues discovery. See examples at https://github.com/zendive/browser-api-monitor/doc/issues.log.md Functionality - Gather callstack that is used to call every wrapped function: - short - just the nearest initiator. - full - from the root to the nearest initiator (from left to right). - Aggregate information about currently scheduled timeouts and running active intervals. - Gather details about which terminators are cancelling certain scheduled setters. - Allow to initiate a debugging session by redirecting the code flow to a `debugger` breakpoint right before the callback invocation. - Hit F11 (step inside) twice in order to progress into the callback itself. - Allow to bypass (skip) setter's callback, or terminator invocation function. - Detect anomalies in passed arguments such as: - Passing incorrect timeout delay to `setTimeout`, `setInterval`, `requestIdleCallback`. - Correct one is `undefined` or a number that is greater or equal to `0`. - Invoking terminator function with handler that is non-positive integer, or of non-existent or already elapsed setter. - Measure callback's execution self-time. - Warn if it exceeds 4/5 (13.33ms) of 60 FPS hardcoded frame-rate (16.66ms). - Count calls per second (CPS) when applicable. - Detect `eval` function usage in runtime, as well as `setTimeout` and `setInterval` when called with a `string` callback instead of a `function`. - By default - off, cause the fact of wrapping it, excludes the access to local scope variables from the `eval` script, and as a result, may break the application if it does depend on it. - Monitor Worker's methods and event handlers metrics. - Warn if number of active workers exceeds number of available CPU cores. - keep in mind: extension API can't wrap `self.close()` in worker global context (only `terminate()` in top context) - Detect anomalies: - attempt to add already added listener with `addEventListener`. - attempt to remove unknown listener with `removeEventListener`. - Monitor `scheduler.yield` and `scheduler.postTask`. - Calls, delay, priority, aborts, self-time metrics. - Monitor mounted `video` and `audio` media elements in DOM. - Present control panel with basic media functions. - Show media events and number of times they have been fired. - Show current state of properties. - Allow to toggle the state of changeable boolean properties e.g. `controls`, `preservesPitch`... - Prevent the system from going to Sleep state due to user inactivity for a better observational experience. By default - off. Note: - while measuring performance of your code – consider disabling this extension as it may affect the results.
CyberPost Lab
A fully offline, browser-based HTTP request testing tool for cybersecurity researchers CyberPost Lab - Comprehensive Web Testing Tool for Security Researchers Brief Description CyberPost Lab is a specialized Chrome extension that enables security researchers, penetration testers, and information security specialists to conduct comprehensive web tests completely offline. The tool combines an advanced payload generator, encoding/decoding utilities, and an integrated HTTP request laboratory, all within a modern, user-friendly interface. Key Features Integrated HTTP Request Laboratory - Send and receive HTTP/HTTPS requests using any method (GET, POST, PUT, DELETE, and more) - Full support for custom parameters and headers - View responses in formatted JSON, raw text, or HTML preview - Create mock requests for testing without an internet connection - Automatic session persistence between browser sessions Encoding and Decoding Tools - Easily encode and decode Base64 - URL encoding and decoding - HTML entity conversion and reversal - JWT decoding with structured content display Specialized Payload Generator A comprehensive collection of ready-to-use test payloads for immediate security testing: - XSS (Cross-Site Scripting) - SQL Injection - Command Injection - LFI (Local File Inclusion) - SSRF (Server-Side Request Forgery) - RCE (Remote Code Execution) - SSTI (Server-Side Template Injection) - XXE (XML External Entity) - CRLF Injection - JSON Injection - Host Header Injection - Windows LFI Who Is This Tool For ? CyberPost Lab targets professionals in the cybersecurity field, including: - Ethical hackers and security researchers - Web developers concerned with application security - Information security students and practitioners - Security incident response teams Additional Features - Modern user interface inspired by professional cybersecurity tools - Smooth and responsive user experience - Works completely offline without requiring an internet connection - Maintains data privacy - all operations occur locally on your device - Compatible with the latest versions of Chrome browser Developed by the Ghostbyte® Team Created by a team specialized in information security with a focus on providing practical tools for security professionals. CyberPost Lab - Your Essential Web Security Testing Toolkit. have fun
Qyrus API Discovery
Testing APIs has become easier and easier with the passing day. But discovering APIs running on a website and their interactions with each other is still a problem waiting to be solved. To solve this problem we have developed our very own Qyrus API Discovery extension. This extension gets seamlessly integrated into your Chrome browser's developer tools (dev tools as we nerds like to call them).
API Response Viewer
Captures, formats, and displays API responses in a clean interface for easy debugging and analysis of web applications. API Response Viewer is a Chrome extension that helps developers monitor and analyze API requests in real-time. It captures HTTP requests, displays them in an organized list, and formats the JSON responses for improved readability. The viewer shows essential request information including URLs, method types, response sizes, and loading times. Users can search for specific endpoints, reload the capture session, and copy JSON data with a single click. The tool also features a clean, dark-themed interface with collapsible JSON trees that highlight different data types with distinct colors for better visual parsing. This extension is particularly useful for web developers who need to debug API interactions, inspect response structures, or monitor network activity without switching between different developer tools.
API Call Recorder
Record and analyze API calls directly from your browser. API Call Recorder is a powerful Chrome extension designed for developers and QA engineers to monitor and analyze API calls made by web applications. With this tool, you can: Record API Calls: Capture all outgoing API requests and responses in real-time. View Detailed Information: Inspect request headers, payloads, response headers, and body content. Send to LLM: Easily send API payloads to a Large Language Model (LLM) for further analysis or code generation. Download Requests: Save API request and response data as JSON files for offline analysis. Customizable Settings: Configure API endpoints and authentication tokens directly from the extension. Code Viewer: View and format Java code generated by the LLM with line numbers and syntax highlighting. This extension is ideal for debugging, testing, and understanding the behavior of web applications. Start/Stop recording with a single click. Clear recorded data instantly. User-friendly interface with tooltips and collapsible panels. Secure storage of API endpoint and bearer token. Lightweight and easy to use. Permissions: The extension requires permissions to access network activity and interact with debugging tools to capture API calls. Note: This extension is intended for developers and QA professionals. It does not collect or transmit any personal data.
