Item logo image for postLogger

    postLogger
    https://ndevtk.github.io/writeups/
    Extension Privacy & Security 86 users
    Item media 2 (screenshot) for postLogger
    Item media 1 (screenshot) for postLogger
    Item media 2 (screenshot) for postLogger
    Item media 1 (screenshot) for postLogger
    Item media 1 (screenshot) for postLogger
    Item media 2 (screenshot) for postLogger

    Overview

    Extension to log postMessage()

    - console.info for postMessages from all_frames. - detects the scope of sent messages. - origins that are insecure due to being a sandbox domain or a wildcard, will be prefixed with UNSAFE. - detects if a website does not check MessageEvent.origin - MessageChannel API May cause unexpected behavior so please use it in a different browser profile and disable when not wanted. Code can be found at https://github.com/NDevTK/postLogger

    0 out of 5 No ratings

    Learn more about results and reviews.

    Details

    • Version
      1.4
    • Updated
      April 26, 2025
    • Size
      22.96KiB
    • Languages
      English
    • Developer
      Website
      Email
      ndevtk@protonmail.com
    • Non-trader
      This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

    Privacy

    The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy .

    This developer declares that your data is

    • Not being sold to third parties, outside of the approved use cases
    • Not being used or transferred for purposes that are unrelated to the item's core functionality
    • Not being used or transferred to determine creditworthiness or for lending purposes

    Related

    Jsmon Chrome Extension

    5.0

    Fetches and scans JS urls from network history

    DotGit

    4.8

    An extension for checking if .git is exposed in visited websites

    DOMLogger++

    5.0

    DOMLogger++ allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

    Hack-Tools

    4.6

    The all in one Red team extension for web pentester

    HackBar

    4.2

    A browser extension for Penetration Testing

    postMessageObserver

    0.0

    A Chrome extension that allows you to observe the flow of postMessage messages on the side panel.

    postMessage-catcher

    3.0

    A Chrome extension that captures the content of postMessage.

    Gecko

    5.0

    Automated CSPT discovery tool

    FindSomething

    4.6

    Find interesting things in the webpage's source code or JavaScript

    Shodan

    4.5

    The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

    EndPointer

    5.0

    An endpoint parser and extractor with many flexible features

    Endpoint Extractor

    5.0

    Extracts endpoints from the current page.

    Jsmon Chrome Extension

    5.0

    Fetches and scans JS urls from network history

    DotGit

    4.8

    An extension for checking if .git is exposed in visited websites

    DOMLogger++

    5.0

    DOMLogger++ allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

    Hack-Tools

    4.6

    The all in one Red team extension for web pentester

    HackBar

    4.2

    A browser extension for Penetration Testing

    postMessageObserver

    0.0

    A Chrome extension that allows you to observe the flow of postMessage messages on the side panel.

    postMessage-catcher

    3.0

    A Chrome extension that captures the content of postMessage.

    Gecko

    5.0

    Automated CSPT discovery tool
    Google apps
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: