Log in
Preview of VarScope

VarScope by gerbil

A browser extension built for penetration testers and security researchers. Inspect, snapshot, diff, and export all JavaScript variables on any web page — including variables assigned live via the F12 browser console.

Available on Firefox for Android™
0 (0 reviews)
Download Firefox and get the extension
Download file
Screenshots
About this extension
When assessing a web application, the JavaScript global scope (window) is one of the most revealing attack surfaces available. Frameworks, authentication tokens, API endpoints, feature flags, user objects, and internal state are routinely exposed as global variables — often unintentionally.
VarScope gives you a clean, colour-coded view of everything sitting on window at any moment, separated into native browser built-ins and variables created by the target application. You can take a snapshot, interact with the page, then compare to see exactly what changed — helping you map how the application's state evolves during login, form submission, navigation between SPA routes, or after triggering specific functionality.
Rated 0 by 0 reviewers

Star rating saved

5
0
4
0
3
0
2
0
1
0
No reviews yet
Permissions and data

Optional permissions:

  • Access your data for all websites

Data collection:

  • The developer says this extension doesn't require data collection.
Learn more
More information
Version
1.1.0
Size
84.58 KB
Last updated
a day ago (Apr 23, 2026)
Version History
Add to collection
Report this add-on
Support this developer

The developer of this extension asks that you help support its continued development by making a small contribution.

Contribute now