JSSCM

JSSCM - JavaScript Supply Chain Monitor

JSSCM is a tool designed to detect expired domains that could be exploited for Stored XSS attacks while browsing. It operates as a Chrome extension, monitoring JavaScript resources in real-time and alerting users when potential vulnerabilities are detected.

Key Features:

• Real-time Detection: Automatically identifies JavaScript resources with expired domains that could be exploited for XSS.
• Alert Notifications: Displays browser alerts when potential XSS vulnerabilities are detected to ensure visibility.
• Domain Status Check: Uses the Domainr API to verify domain registration status and determine exploitability.
• Easy Installation: Users can install the extension in developer mode and set it up with a simple API key configuration.
• User-Friendly Interface: Provides UI components to review and analyze vulnerable domains, making it easy to check if domains are available for registration.

Benefits:

• Enhances security by proactively identifying potential XSS vulnerabilities.
• Saves time for developers and security professionals by automating the detection process.
• Encourages community contributions and improvements to the tool.

Highlights:

• Open-source project under GPLv3 license.
• Developed as a weekend project with a focus on simplicity and effectiveness.
• Open to ideas and contributions from the community.