devploit
diff --git a/‎README.md‎
Lines changed: 52 additions & 0 deletions b/‎README.md‎
Lines changed: 52 additions & 0 deletions
diff --git a/‎background.js‎
Lines changed: 128 additions & 0 deletions b/‎background.js‎
Lines changed: 128 additions & 0 deletions
diff --git a/‎images/banner.png‎
81.2 KB b/‎images/banner.png‎
81.2 KB
diff --git a/‎images/icon.png‎
30.2 KB b/‎images/icon.png‎
30.2 KB
diff --git a/‎manifest.json‎
Lines changed: 23 additions & 0 deletions b/‎manifest.json‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎popup.html‎
Lines changed: 91 additions & 0 deletions b/‎popup.html‎
Lines changed: 91 additions & 0 deletions
diff --git a/‎popup.js‎
Lines changed: 29 additions & 0 deletions b/‎popup.js‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎similarity.min.js‎
Lines changed: 1 addition & 0 deletions b/‎similarity.min.js‎
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1,52 @@
+# debugHunter - Chrome Extension
+
+<p align="center">
+<img src="https://i.imgur.com/QEUUM9w.png" width="600" height="150" >
+</p>
+
+[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/devploit/dontgo403/issues)
+
+Discover hidden debugging parameters and uncover web application secrets with debugHunter, your ultimate web exploration companion. This Chrome extension intelligently scans websites for debugging parameters and notifies you when it finds a URL with modified responses.
+
+## Features
+
+- Automatically detects URLs with modified responses due to debugging parameters
+- Displays a list of URLs with modified responses for easy access
+
+## Installation
+
+### Option 1: Clone the repository
+
+1. Download or clone this repository to your local machine.
+2. Open Google Chrome, and go to `chrome://extensions/`.
+3. Enable "Developer mode" in the top right corner if it's not already enabled.
+4. Click the "Load unpacked" button on the top left corner.
+5. Navigate to the directory where you downloaded or cloned the repository, and select the folder.
+6. The debugHunter extension should now be installed and ready to use.
+
+### Option 2: Download the release (.zip)
+
+1. Download the latest release `.zip` file from the "Releases" section of this repository.
+2. Extract the contents of the `.zip` file to a folder on your local machine.
+3. Open Google Chrome, and go to `chrome://extensions/`.
+4. Enable "Developer mode" in the top right corner if it's not already enabled.
+5. Click the "Load unpacked" button on the top left corner.
+6. Navigate to the directory where you extracted the `.zip` file, and select the folder.
+7. The debugHunter extension should now be installed and ready to use.
+
+## Usage
+
+It is recommended to pin the extension to the toolbar to check if a new URL is found.
+1. Navigate to any website.
+2. Click on the debugHunter extension icon in the Chrome toolbar.
+3. If the extension detects any URLs with modified responses due to debugging parameters, they will be listed in the popup.
+4. Click on any URL in the list to open it in a new tab.
+5. To clear the list, click on the trash can icon in the top right corner of the popup.
+
+## Contributing
+
+We welcome contributions! Please feel free to submit pull requests or open issues to improve debugHunter.
+
+## License
+
+This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.
@@ -0,0 +1,128 @@
+// List of query parameters to append
+const queryParams = [
+    { key: "_debug", value: "1" },
+    { key: "test", value: "1" },
+    { key: "admin", value: "1" },
+    { key: "debug", value: "1" },
+    { key: "env", value: "pre" },   
+    { key: "env", value: "debug" },
+    { key: "dev", value: "1" },
+    { key: "staging", value: "1" },
+    { key: "console", value: "1" },
+    { key: "trace", value: "1" },
+    { key: "log", value: "1" },
+    { key: "verbose", value: "1" },
+    { key: "diagnostic", value: "1" },
+    { key: "mode", value: "debug" },
+    { key: "profiler", value: "1" },
+    { key: "debug_mode", value: "1" },
+    { key: "debuglevel", value: "1" },
+    { key: "error_reporting", value: "1" },
+    { key: "show_errors", value: "1" },
+    { key: "performance", value: "1" },
+    { key: "sandbox", value: "1" },
+    { key: "beta", value: "1" },
+    { key: "qa", value: "1" },
+    { key: "dev_mode", value: "1" },
+    { key: "validate", value: "1" },
+    { key: "analysis", value: "1" },
+    { key: "experiment", value: "1" },
+    { key: "test_mode", value: "1" },
+    { key: "debug_flag", value: "1" },
+    { key: "development", value: "1" },
+    { key: "debuginfo", value: "1" },
+    { key: "monitoring", value: "1" },
+    { key: "internal", value: "1" },
+    { key: "debug_status", value: "1" },
+    { key: "debug_output", value: "1" },
+    { key: "testing", value: "1" },
+  ];
+  
+  // Counter for the number of modified URLs
+  let count = 0;
+  
+  // Function to increment the counter and update the badge text
+  function incrementCount() {
+    count += 1;
+    chrome.browserAction.setBadgeText({ text: count.toString() });
+    chrome.browserAction.setBadgeBackgroundColor({ color: 'red' });
+  }
+  
+  // Function to append a specific query parameter to a URL
+  function appendQueryParam(url, param) {
+    const urlObj = new URL(url);
+    urlObj.searchParams.set(param.key, param.value);
+    return urlObj.href;
+  }
+  
+  // Store modified URLs
+  const modifiedUrls = new Set();
+  
+  // Function to add a modified URL
+  function addModifiedUrl(url) {
+    modifiedUrls.add(url);
+    incrementCount(); // Increment the counter and update the badge text when a new URL is added
+  }
+  
+  // Function to get modified URLs
+  function getModifiedUrls() {
+    return Array.from(modifiedUrls);
+  }
+  
+  // Function to clear modified URLs
+  function clearModifiedUrls() {
+    modifiedUrls.clear();
+    count = 0; // Reset the counter when the modified URLs are cleared
+    chrome.browserAction.setBadgeText({ text: '' }); // Clear the badge text
+  }
+  
+  // Expose getModifiedUrls and clearModifiedUrls functions to popup
+  window.getModifiedUrls = getModifiedUrls;
+  window.clearModifiedUrls = clearModifiedUrls;
+  
+  // Function to check if two responses are meaningfully different
+  function isDifferentResponse(originalText, modifiedText) {
+    // Calculate the similarity between the two responses
+    const similarity = stringSimilarity.compareTwoStrings(originalText, modifiedText);
+  
+    // Set a threshold for similarity; responses with similarity below this threshold are considered different
+    const similarityThreshold = 0.90;
+  
+    // Return true if the similarity is below the threshold
+    return similarity < similarityThreshold;
+  }
+  
+  // Function to fetch URL and compare responses with and without each parameter
+  async function checkUrlWithParameters(url) {
+    const originalResponse = await fetch(url);
+    const originalText = await originalResponse.text();
+  
+    // Check all parameters combined
+    const combinedUrl = queryParams.reduce((currentUrl, param) => {
+      return appendQueryParam(currentUrl, param);
+    }, url);
+  
+    const combinedResponse = await fetch(combinedUrl);
+    const combinedText = await combinedResponse.text();
+  
+    if (isDifferentResponse(originalText, combinedText)) {
+      // Check each parameter individually
+      for (const param of queryParams) {
+        const modifiedUrl = appendQueryParam(url, param);
+        const modifiedResponse = await fetch(modifiedUrl);
+        const modifiedText = await modifiedResponse.text();
+  
+        if (isDifferentResponse(originalText, modifiedText)) {
+          addModifiedUrl(modifiedUrl);
+        }
+      }
+    }
+  }
+  
+  // Listen for tab updates to perform background checks
+  chrome.tabs.onUpdated.addListener(async (tabId, changeInfo, tab) => {
+    if (changeInfo.status === "complete") {
+      checkUrlWithParameters(tab.url);
+    }
+  });
+  
@@ -0,0 +1,23 @@
+{
+    "manifest_version": 2,
+    "name": "debugHunter",
+    "version": "1.0",
+    "description": "Discover hidden debugging parameters and uncover web application traces.",
+    "icons": {
+      "48": "images/icon.png"
+    },
+    "permissions": [
+      "webRequest",
+      "webRequestBlocking",
+      "<all_urls>"
+    ],
+    "background": {
+      "scripts": ["similarity.min.js", "background.js"],
+      "persistent": true
+    },
+    "browser_action": {
+      "default_icon": "images/icon.png",
+      "default_popup": "popup.html"
+    }
+  }
+  
@@ -0,0 +1,91 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <link href="https://fonts.googleapis.com/css?family=Anonymous+Pro&display=swap" rel="stylesheet" />
+    <style>
+        body {
+          font-family: "Anonymous Pro", monospace;
+          background-color: #585858;
+          color: white;
+          width: 500px;
+          max-height: 2000px;
+          padding: 15px;
+        }
+    
+        h2 {
+          font-size: 14px;
+          margin-bottom: 12px;
+          margin-top: 50px;
+        }
+    
+        a {
+          color: white;
+          text-decoration: none;
+        }
+    
+        a:hover {
+          text-decoration: underline;
+        }
+    
+        ul {
+          list-style-type: none;
+          padding: 0;
+        }
+    
+        li {
+          background-color: #333;
+          margin-bottom: 5px;
+          padding: 5px;
+          border-radius: 3px;
+        }
+    
+        button {
+          background-color: rgb(130, 0, 0);
+          font-family: "Anonymous Pro", monospace;
+          border: none;
+          color: white;
+          padding: 5px 10px;
+          text-align: center;
+          text-decoration: none;
+          display: inline-block;
+          font-size: 12px;
+          margin: 5px 2px;
+          cursor: pointer;
+          border-radius: 2px;
+        }
+    
+        button:hover {
+          background-color: #555;
+        }
+
+        .banner {
+          position: absolute;
+          top: 15px;
+          left: 20px;
+        }
+
+        .info-container {
+          position: absolute;
+          top: 20px;
+          right: 20px;
+        }
+
+        #info-icon {
+          font-size: 18px;
+          color: rgb(255, 255, 255);
+          text-decoration: none;
+        }
+    </style>
+  </head>
+  <body>
+    <div class="banner"><img src="images/banner.png" width="150" height="40" ></div>
+    <div class="info-container"><a href="#" id="info-icon">ℹ️</a></div>
+    <div class="window">
+    <h2>Modified Response URLs</h2>
+    <ul id="modifiedUrls"></ul>
+    <button id="clearUrls">Clear URLs</button>
+    <script src="popup.js"></script>
+    </div>
+  </body>
+</html>
@@ -0,0 +1,29 @@
+function updateModifiedUrlsList() {
+    const modifiedUrls = chrome.extension.getBackgroundPage().getModifiedUrls();
+    const list = document.getElementById("modifiedUrls");
+  
+    list.innerHTML = "";
+  
+    for (const url of modifiedUrls) {
+      const listItem = document.createElement("li");
+      const link = document.createElement("a");
+  
+      link.href = url;
+      link.target = "_blank";
+      link.textContent = url;
+  
+      listItem.appendChild(link);
+      list.appendChild(listItem);
+    }
+  }
+  
+  document.addEventListener("DOMContentLoaded", updateModifiedUrlsList);
+  
+  document.getElementById("clearUrls").addEventListener("click", () => {
+    chrome.extension.getBackgroundPage().clearModifiedUrls();
+    updateModifiedUrlsList();
+  });
+  
+  document.getElementById('info-icon').addEventListener('click', () => {
+    chrome.tabs.create({ url: 'https://github.com/devploit/debugHunter' });
+  });