DOM Input Liberator par Lamisedaxeh
Pentesting tool: remove form restrictions, reveal hidden elements, bypass input validation
MĂ©tadonnĂ©es de lâextension
Captures dâĂ©cran
Ă propos de cette extension
A browser extension for penetration testing that removes client-side form restrictions, reveals hidden elements, and bypasses input validation. Works on Chrome and Firefox.
UI:
Features list:
UI:
- Popup â Toggle categories on/off individually or use "Liberate All" master toggle. Each category can be expanded to enable/disable specific items.
- Floating Badge â A counter badge appears on the page showing how many elements were modified. Click it to see a per-category breakdown. Click outside to dismiss.
- Highlighting â Modified elements are outlined in the category's color. Toggle highlighting on/off from the popup.
Features list:
- Form Controls: Remove
disabled,readonly,required,maxlength,minlength,pattern,multiple,acceptattributes, re-enableautocomplete, reveal password fields as plain text - Input Validation: Strip
min,max,stepattributes and convert restricted input types (number, email, url, date, etc.) to plain text fields - Hidden Fields: Convert
type="hidden"inputs to visible text fields with a purple dashed border so you can view and edit their values - Hidden Elements (CSS): Reveal elements hidden via
display: none,visibility: hidden,opacity: 0, thehiddenattribute, or collapsed<details>elements - Content Editing: Make all block-level elements contenteditable so you can modify any text on the page. Disabled by default
- Iframes: Reveal hidden iframes (zero-sized, display:none, opacity:0) with a labeled border showing their
src - Event Blockers: Remove inline event handlers that block user interaction:
onsubmit,onchange,oninput,oncopy,onpaste,oncut. Also prevents clipboard and context menu blocking - Size Constraints: Remove
cols,rows,sizeattributes from textareas/inputs and forceresize: bothon textareas - Comments: Unwrap HTML comments so their content becomes live DOM. Uncomment JS comments in inline scripts so commented-out code executes
- Fill Payloads: One-click button to fill all visible inputs with XSS, template injection, SQL injection, and path traversal test payloads
This tool is intended for authorized security testing and bug bounty programs. Only use it on applications you have permission to test.
Noté 0 par 1 personne
Autorisations et données
Autorisations nécessaires :
- Accéder à vos données pour tous les sites web
Collecte de données :
- Le dĂ©veloppeur indique que cette extension nâa pas besoin de collecter de donnĂ©es.
Plus dâinformations
- Liens du module
- Version
- 1.0.0
- Taille
- 41,26Â Ko
- DerniĂšre mise Ă jour
- il y a 6 jours (10 juil. 2026)
- Catégories associées
- Historique des versions
- Ajouter Ă la collection