├── README.md
├── background.js
├── content.js
├── icons
    ├── icon128.png
    ├── icon16.png
    └── icon48.png
├── img
    ├── image-20250206084931280.png
    └── image-20250206091434993.png
├── manifest.json
├── popup.html
└── popup.js


/README.md:
--------------------------------------------------------------------------------
 1 | # Jssx 🚬🚬 by Yn8rt
 2 | 
 3 | ## 写在前面
 4 | 
 5 | **收啥费，不收费，这也能割？**
 6 | 
 7 | **没事大家可以多分享一下，前几天想回去找一篇文章，结果发现撤回了，这搞的，越来越~~**😶
 8 | 
 9 | **有什么不足的地方希望大家及时告诉我，或者有做二次开发记得@我一下**
10 | 
11 | ## 项目简介
12 | 
13 | 对<a herf标签和form表单中的参数进行遍历
14 | 
15 | ![image-20250206091434993](img/image-20250206091434993.png)
16 | 
17 | ## 功能特性
18 | 
19 | - 根据自己提供的xsspayload进行批量测试，默认使用的是\<img src=x onerror=alert(1)\>
20 | - 分析页面可以利用的参数：有action属性的form表单，a标签herf属性值
21 | 
22 | ## 安装与使用
23 | 
24 | 1. **安装插件**：将插件**文件夹**托到浏览器的扩展程序中就ok了(目前只支持chrome内核的浏览器)。
25 | 2. **使用插件**：点击浏览器工具栏中的插件图标，输入自定义payload。
26 | 3. **查看结果**：扫描完成后，插件会在弹出窗口中显示检测结果，标明发现的敏感参数。
27 | 
28 | ![image-20250206084931280](img/image-20250206084931280.png)
29 | 
30 | ## 开发者
31 | 
32 | 该插件由 Yn8rt 开发，旨在提高网页安全性，帮助开发者及时发现并修复敏感信息泄露问题。
33 | 
34 | 如需更多信息或有任何疑问，请参阅项目文档或联系开发者。


--------------------------------------------------------------------------------
/background.js:
--------------------------------------------------------------------------------
 1 | chrome.webRequest.onBeforeRequest.addListener(function (request) {
 2 |     console.log("Intercepted request URL:", request.url);
 3 |     if (!request.url.startsWith("chrome-extension://")) {
 4 |       {
 5 |         chrome.tabs.query({
 6 |           active: true,
 7 |           currentWindow: true
 8 |         }, function (tabs) {
 9 |           chrome.tabs.sendMessage(tabs[0].id, {
10 |             action: "addParameter",
11 |             url: request.url
12 |           });
13 |         });
14 |       }
15 |     }
16 |   }, {
17 |     urls: ["<all_urls>"]
18 |   }, ["blocking"]);


--------------------------------------------------------------------------------
/content.js:
--------------------------------------------------------------------------------
 1 | const parametersSet = new Set();
 2 | let scanScheduled = false;
 3 | 
 4 | //下面是针对的标签，这里只有a的herf标签和form标签
 5 | function extractParameters() {
 6 |     const anchorElements = document.querySelectorAll("a[href]");
 7 |     anchorElements.forEach((anchorElement) => {
 8 |         try {
 9 |             const urlObject = new URL(anchorElement.href);
10 |             if (!urlObject.href.startsWith("chrome-extension://")) {
11 |                 const pathname = urlObject.pathname;
12 |                 const searchParams = new URLSearchParams(urlObject.search);
13 |                 for (const [key, value] of searchParams.entries()) {
14 |                     parametersSet.add(
15 |                         "" +
16 |                             urlObject.origin +
17 |                             pathname +
18 |                             "?" +
19 |                             key +
20 |                             "=" +
21 |                             value
22 |                     );
23 |                 }
24 |             }
25 |         } catch (error) {
26 |             console.error("处理 URL 时出错:", anchorElement.href, error);
27 |         }
28 |     });
29 | 
30 |     const formElements = document.querySelectorAll("form");
31 |     formElements.forEach((formElement) => {
32 |         try {
33 |             const formData = new FormData(formElement);
34 |             for (const [key, value] of formData.entries()) {
35 |                 if (
36 |                     formElement.action &&
37 |                     !formElement.action.startsWith("chrome-extension://")
38 |                 ) {
39 |                     parametersSet.add(
40 |                         formElement.action + "?" + key + "=" + value
41 |                     );
42 |                 }
43 |             }
44 |         } catch (error) {
45 |             console.error("处理表单时出错:", formElement, error);
46 |         }
47 |     });
48 | 
49 |     // 发送所有收集到的参数
50 |     chrome.runtime.sendMessage({
51 |         action: "sendParameters",
52 |         parameters: Array.from(parametersSet),
53 |     });
54 | }
55 | 
56 | function scheduleScan(delay) {
57 |     if (!scanScheduled) {
58 |         scanScheduled = true;
59 |         setTimeout(() => {
60 |             extractParameters();
61 |             scanScheduled = false;
62 |         }, delay);
63 |     }
64 | }
65 | 
66 | // 初始扫描
67 | extractParameters();
68 | 
69 | // 延迟扫描（500ms 后）
70 | scheduleScan(500);
71 | 
72 | // 再次延迟扫描（1s 后）
73 | scheduleScan(1000);
74 | 
75 | // 使用 MutationObserver 监控文档变化
76 | const observer = new MutationObserver(extractParameters);
77 | observer.observe(document.body, { childList: true, subtree: true });
78 | 
79 | document.addEventListener("click", function (event) {
80 |     if (
81 |         event.target &&
82 |         event.target.id === "forgotPassword"
83 |     ) {
84 |         setTimeout(extractParameters, 100);
85 |     }
86 | });
87 | 
88 | chrome.runtime.onMessage.addListener(function (
89 |     message,
90 |     sender,
91 |     sendResponse
92 | ) {
93 |     if (message.action === "getAllParameters") {
94 |         sendResponse({ parameters: Array.from(parametersSet) });
95 |     } else if (message.action === "addParameter") {
96 |         parametersSet.add(message.url);
97 |     }
98 | });


--------------------------------------------------------------------------------
/icons/icon128.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Yn8rt/Jssx/75bcd98cfd6b7d9c069f18d94ff37c8a18875d31/icons/icon128.png


--------------------------------------------------------------------------------
/icons/icon16.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Yn8rt/Jssx/75bcd98cfd6b7d9c069f18d94ff37c8a18875d31/icons/icon16.png


--------------------------------------------------------------------------------
/icons/icon48.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Yn8rt/Jssx/75bcd98cfd6b7d9c069f18d94ff37c8a18875d31/icons/icon48.png


--------------------------------------------------------------------------------
/img/image-20250206084931280.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Yn8rt/Jssx/75bcd98cfd6b7d9c069f18d94ff37c8a18875d31/img/image-20250206084931280.png


--------------------------------------------------------------------------------
/img/image-20250206091434993.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Yn8rt/Jssx/75bcd98cfd6b7d9c069f18d94ff37c8a18875d31/img/image-20250206091434993.png


--------------------------------------------------------------------------------
/manifest.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "manifest_version": 2,
 3 |   "name": "Js🚬XSS🚬Fuzzer",
 4 |   "version": "1.0",
 5 |   "description": "Jssx🚬🚬by Yn8rt",
 6 |   "permissions": ["activeTab", "declarativeContent", "storage", "webRequest", "webRequestBlocking", "*://*/*"],
 7 |   "background": {
 8 |     "scripts": ["background.js"]
 9 |   },
10 |   "browser_action": {
11 |     "default_popup": "popup.html",
12 |     "default_icon": {
13 |       "16": "icons/icon16.png",
14 |       "48": "icons/icon48.png",
15 |       "128": "icons/icon128.png"
16 |     }
17 |   },
18 |   "icons": {
19 |     "16": "icons/icon16.png",
20 |     "48": "icons/icon48.png",
21 |     "128": "icons/icon128.png"
22 |   },
23 |   "content_scripts": [
24 |     {
25 |       "matches": ["<all_urls>"],
26 |       "js": ["content.js"]
27 |     }
28 |   ]
29 | }


--------------------------------------------------------------------------------
/popup.html:
--------------------------------------------------------------------------------
  1 | <!DOCTYPE html>
  2 | <html lang="en">
  3 | <head>
  4 |     <meta charset="UTF-8">
  5 |     <meta name="viewport" content="width=device-width, initial-scale=1.0">
  6 |     <title>Jssx🚬🚬</title>
  7 |     <style>
  8 |         body {
  9 |             font-family: Arial, sans-serif;
 10 |             margin: 0;
 11 |             padding: 20px;
 12 |             background-color: #333; /* 黑色背景 */
 13 |             color: #fff; /* 白色文字 */
 14 |             min-width: 300px; /* 设置最小宽度 */
 15 |         }
 16 |         h2 {
 17 |             margin: 0;
 18 |             padding: 15px;
 19 |             background-color: #2E8B57; /* 深绿色背景 */
 20 |             color: #FFD700; /* 金色文字 */
 21 |             text-align: center;
 22 |             border-radius: 5px 5px 0 0;
 23 |             font-size: 18px;
 24 |             margin-bottom: 15px;
 25 |             text-shadow: 1px 1px 2px rgba(0, 0, 0, 0.2); /* 添加文字阴影 */
 26 |         }
 27 |         #mainContainer {
 28 |             background-color: #4F4F4F; /* 灰色背景 */
 29 |             border-radius: 8px;
 30 |             box-shadow: 0 2px 4px rgba(0, 0, 0, 0.5);
 31 |             padding: 20px;
 32 |             margin: 0 auto;
 33 |             max-width: 400px;
 34 |         }
 35 |         .btn-container {
 36 |             display: flex;
 37 |             justify-content: space-between;
 38 |             margin-bottom: 20px;
 39 |         }
 40 |         .btn-container button {
 41 |             padding: 8px 15px;
 42 |             font-size: 15px;
 43 |             border: none;
 44 |             border-radius: 3px;
 45 |             cursor: pointer;
 46 |             flex: 1;
 47 |             margin: 0 5px;
 48 |             min-width: 100px;
 49 |         }
 50 |         .refresh-btn {
 51 |             background-color: #FFD700; /* 金色背景 */
 52 |             color: #333; /* 黑色文字 */
 53 |         }
 54 |         .refresh-btn:hover {
 55 |             background-color: #DAA520; /* 较浅的金色 */
 56 |         }
 57 |         .xss-btn {
 58 |             background-color: #2E8B57; /* 深绿色背景 */
 59 |             color: #FFD700; /* 金色文字 */
 60 |         }
 61 |         .xss-btn:hover {
 62 |             background-color: #3CB371; /* 更深的绿色 */
 63 |         }
 64 |         .input-container {
 65 |             margin-bottom: 20px;
 66 |             display: flex;
 67 |             flex-direction: column;
 68 |         }
 69 |         .input-container input {
 70 |             padding: 10px;
 71 |             margin-bottom: 5px;
 72 |             font-size: 14px;
 73 |             border: 1px solid #696969; /* 灰色边框 */
 74 |             border-radius: 5px;
 75 |             box-shadow: 0 1px 3px rgba(0, 0, 0, 0.3);
 76 |             background-color: #1A1A1A; /* 更深的黑色 */
 77 |             color: #fff; /* 白色文字 */
 78 |         }
 79 |         .input-container button {
 80 |             background-color: #2E8B57; /* 深绿色背景 */
 81 |             color: #FFD700; /* 金色文字 */
 82 |             padding: 10px;
 83 |             border: none;
 84 |             border-radius: 5px;
 85 |             cursor: pointer;
 86 |             font-size: 14px;
 87 |             transition: background-color 0.3s;
 88 |         }
 89 |         .input-container button:hover {
 90 |             background-color: #3CB371; /* 更深的绿色 */
 91 |         }
 92 |         #results {
 93 |             list-style-type: none;
 94 |             padding: 0;
 95 |             margin: 20px 0;
 96 |             max-height: 400px;
 97 |             overflow-y: auto;
 98 |         }
 99 |         #results li {
100 |             background-color: #1A1A1A; /* 更深的黑色 */
101 |             margin-bottom: 10px;
102 |             padding: 10px;
103 |             border-radius: 5px;
104 |             box-shadow: 0 1px 3px rgba(0, 0, 0, 0.3);
105 |             display: flex;
106 |             justify-content: space-between;
107 |             align-items: center;
108 |             color: #fff; /* 白色文字 */
109 |         }
110 |         .no-params {
111 |             text-align: center;
112 |             color: #999; /* 浅灰色文字 */
113 |             font-size: 14px;
114 |             background-color: #1A1A1A; /* 更深的黑色 */
115 |             padding: 20px;
116 |             border-radius: 5px;
117 |             box-shadow: 0 1px 3px rgba(0, 0, 0, 0.3);
118 |             min-height: 100px;
119 |             display: flex;
120 |             justify-content: center;
121 |             align-items: center;
122 |         }
123 |         .open-btn {
124 |             padding: 3px 8px;
125 |             font-size: 12px;
126 |             background-color: #2E8B57; /* 深绿色背景 */
127 |             color: #FFD700; /* 金色文字 */
128 |             border: none;
129 |             border-radius: 3px;
130 |             cursor: pointer;
131 |             white-space: nowrap;
132 |         }
133 |         .open-btn:hover {
134 |             background-color: #3CB371; /* 更深的绿色 */
135 |         }
136 |         .notification {
137 |             position: fixed;
138 |             bottom: 20px;
139 |             right: 20px;
140 |             padding: 10px;
141 |             background-color: #2E8B57; /* 深绿色背景 */
142 |             color: #FFD700; /* 金色文字 */
143 |             border-radius: 5px;
144 |             box-shadow: 0 2px 4px rgba(0, 0, 0, 0.3);
145 |             z-index: 1000;
146 |         }
147 |     </style>
148 | </head>
149 | <body>
150 |     <div id="mainContainer" style="display: none;">
151 |         <h2>XSS🚬Fuzzer</h2>
152 |         <div class="btn-container">
153 |             <button class="refresh-btn">刷新</button>
154 |             <button class="xss-btn">XSS 测试</button>
155 |         </div>
156 |         <div class="input-container">
157 |             <input type="text" id="payloadInput" placeholder="输入自定义 XSS payload">
158 |             <button id="savePayloadBtn">保存 Payload</button>
159 |         </div>
160 |         <ul id="results">
161 |             <!-- XSS detection results will be appended here -->
162 |         </ul>
163 |         <script src="popup.js"></script>
164 |     </div>
165 | </body>
166 | </html>
167 | 
168 | 
169 | 
170 | 


--------------------------------------------------------------------------------
/popup.js:
--------------------------------------------------------------------------------
  1 | document.addEventListener("DOMContentLoaded", function () {
  2 |   const resultsContainer = document.getElementById("results"),
  3 |         payloadInput = document.getElementById("payloadInput"),
  4 |         savePayloadBtn = document.getElementById("savePayloadBtn");
  5 | 
  6 |   mainContainer.style.display = "block";
  7 |   loadParameters();
  8 | 
  9 |   function loadParameters() {
 10 |       chrome.tabs.query({
 11 |           active: true,
 12 |           currentWindow: true
 13 |       }, function (tabs) {
 14 |           chrome.tabs.sendMessage(tabs[0].id, {
 15 |               action: "getAllParameters"
 16 |           }, function (response) {
 17 |               resultsContainer.innerHTML = "";
 18 |               if (response && response.parameters && response.parameters.length > 0) {
 19 |                   response.parameters.forEach(param => {
 20 |                       const paramItem = document.createElement("li");
 21 |                       paramItem.className = "param-item";
 22 |                       if (typeof param === "string") {
 23 |                           if (param.startsWith("http") || param.startsWith("https")) {
 24 |                               paramItem.innerHTML = `
 25 |                                   <span>${param}</span>
 26 |                                   <button class="open-btn">打开</button>
 27 |                               `;
 28 |                               paramItem.querySelector(".open-btn").addEventListener("click", function () {
 29 |                                   chrome.tabs.create({
 30 |                                       url: param
 31 |                                   });
 32 |                               });
 33 |                           } else {
 34 |                               paramItem.textContent = param;
 35 |                           }
 36 |                       } else {
 37 |                           paramItem.textContent = JSON.stringify(param);
 38 |                       }
 39 |                       resultsContainer.appendChild(paramItem);
 40 |                   });
 41 |               } else {
 42 |                   const noParams = document.createElement("li");
 43 |                   noParams.className = "no-params";
 44 |                   noParams.textContent = "没找到参数,来一根吧🚬";
 45 |                   resultsContainer.appendChild(noParams);
 46 | 
 47 |                   const spacer = document.createElement("div");
 48 |                   spacer.style.height = "100px";
 49 |                   resultsContainer.appendChild(spacer);
 50 |               }
 51 |           });
 52 |       });
 53 |   }
 54 | 
 55 |   chrome.storage.local.get("xssPayload", function (data) {
 56 |       if (data.xssPayload) {
 57 |           payloadInput.value = data.xssPayload;
 58 |       }
 59 |   });
 60 | 
 61 |   savePayloadBtn.addEventListener("click", function () {
 62 |       const payload = payloadInput.value.trim();
 63 |       if (payload) {
 64 |           chrome.storage.local.set({
 65 |               xssPayload: payload
 66 |           }, function () {
 67 |             showNotification("Payload 已保存");
 68 |           });
 69 |       }
 70 |   });
 71 | 
 72 |   document.querySelector(".refresh-btn").addEventListener("click", function () {
 73 |       chrome.tabs.query({
 74 |           active: true,
 75 |           currentWindow: true
 76 |       }, function (tabs) {
 77 |           chrome.tabs.reload(tabs[0].id);
 78 |       });
 79 |   });
 80 | 
 81 |   document.querySelector(".xss-btn").addEventListener("click", function () {
 82 |       chrome.storage.local.get("xssPayload", function (data) {
 83 |           const xssPayload = data.xssPayload || "<img src=x onerror=alert(1)>";
 84 |           chrome.tabs.query({
 85 |               active: true,
 86 |               currentWindow: true
 87 |           }, function (tabs) {
 88 |               chrome.tabs.sendMessage(tabs[0].id, {
 89 |                   action: "getAllParameters"
 90 |               }, function (response) {
 91 |                   if (response && response.parameters && response.parameters.length > 0) {
 92 |                       response.parameters.forEach(param => {
 93 |                           const url = new URL(param);
 94 |                           const params = new URLSearchParams(url.search);
 95 |                           for (const key of params.keys()) {
 96 |                               params.set(key, xssPayload);
 97 |                           }
 98 |                           const newUrl = `${url.origin}${url.pathname}?${params.toString()}`;
 99 |                           chrome.tabs.create({
100 |                               url: newUrl
101 |                           });
102 |                       });
103 |                   }
104 |               });
105 |           });
106 |       });
107 |   });
108 | 
109 |   // 显示通知函数
110 |   function showNotification(message) {
111 |     const notification = document.createElement('div');
112 |     notification.className = 'notification';
113 |     notification.textContent = message;
114 |     document.body.appendChild(notification);
115 | 
116 |     setTimeout(() => {
117 |         notification.remove();
118 |     }, 3000);
119 | }
120 | });


--------------------------------------------------------------------------------