Eval Villain sɣur bemodtwz

3,7 n yitran ɣef 5

Eval Villain azray n lqem - 24 ileqman

Ɣur-k ɣef yileqman yezrin! TTwaseknen-d kan i usekyed akked umuqel.Yessefk yal tikkelt ad tesqedceḍ lqem aneggaru n uzegrir.
Lqem aneggaru
Lqem 2.11
Yeffeɣ-d deg 13. nov 2024 - 53,89 KB
Iteddu d firefox 58.0 d yileqman imaynuten
Fixes bug where localStorage is not properly sourced
Improves encoder function for path search
Fixes mistake is sourcer debug statment
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Ilaq-ak·am Firefox i useqdec n usiɣzef-a
Sader Firefox syen awi isiɣzaf
Sader afaylu
Ileqman iqbuṛen
Lqem 2.10
Yeffeɣ-d deg 11. nov 2024 - 53,74 KB
Iteddu d firefox 58.0 d yileqman imaynuten
* Copy Eval Villain Injection or Config from the configuration page and paste into any JavaScript file to get Eval Villain into other browsers or contexts.
* Better defaults for actual testing. Including CSPT and postMessage sinks.
* Set limits on source banks in the configuration page
* Lots of refactoring
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 2.9
Yeffeɣ-d deg 22. sep 2023 - 41,75 KB
Iteddu d firefox 48.0 d yileqman imaynuten
* Use evSourcer to dynamically add to sources via instrumentation.
* Use evSinker as a dynamic sink to be used with instrumentation.
* EV now warns when it fails to load in a frame.
* Replace console.log with console.info in the web page to avoid the pages logs cluttering up Eval Villain output.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 2.8
Yeffeɣ-d deg 9. mar 2023 - 40,88 KB
Iteddu d firefox 48.0 d yileqman imaynuten
Fix output of regex needles without global flag
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 2.7
Yeffeɣ-d deg 6. feb 2022 - 40,87 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Add function URLSearchParams.get to default config, disabled by default
Spelling fixes
Fix scope to preventing vars leaking into `window`
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 2.6
Yeffeɣ-d deg 26. júl 2021 - 41,02 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Constructors (like `new Function`) are now hooked.
Better proto hooking (like `value(Range.createContextualFragment)`).
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 2.5
Yeffeɣ-d deg 28. apr 2021 - 40,82 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Fix bug where you couldn't delete a config item
Provided encoder function will provide a second parameter now, using `encoder("payload", true)` should cause the payload to be inserted into the DOM XSS source.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 2.4
Yeffeɣ-d deg 15. apr 2021 - 40,57 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Fix minor bug for configuration name collisions
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 2.3
Yeffeɣ-d deg 13. apr 2021 - 40,48 KB
Iteddu d firefox 59.0 d yileqman imaynuten
* When a encoded source is found in a sink, a encoding function in JavaScript will be printed to the console. This function lets you see how Eval Villain decoded the source, and lets you quickly encode your own payloads.
* Large text will receive it's own closed console.group to improve readability.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 2.2
Yeffeɣ-d deg 26. jan 2021 - 41,24 KB
Iteddu d firefox 59.0 d yileqman imaynuten
2 Major Changes
* EV will now recursively decode DOM XSS sources for URL, base64 and JSON encoding. Decoded values will then be used to search input to the hooked functions.
* Blacklists were previously applied to all input. I found this to be mostly useless. Now blacklists are applied to decoded input sources. So you can blacklist `/^true$/` and a URL parameter that is set to `true` won't cause all `eval` calls containing `true` to be marked as interesting.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 2.1
Yeffeɣ-d deg 14. júl 2020 - 41,25 KB
Iteddu d firefox 59.0 d yileqman imaynuten
It is now safe to hook decodeURI, and decodeURIComponent. This can be helpful for finding where inputs are parsed.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 2.0
Yeffeɣ-d deg 9. mar 2020 - 41,22 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Refactoring should improve speed and performance.
Monitors sinks for window name
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.11
Yeffeɣ-d deg 22. aug 2019 - 40,49 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Types: enable/disable types that you are interested.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.10
Yeffeɣ-d deg 6. aug 2019 - 40,17 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Using `Reflect.apply` for proxying to reduce bugs. Thanks Mike Samuel!
Show argument types
Better handling of multiple arguments to a function.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.9
Yeffeɣ-d deg 25. jún 2019 - 40,01 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Features:
* Toggle Eval Villain with key commands
Bug fixes:
Functions are now hooked using `Proxy`. Eval Villain should break fewer pages. Reference: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Proxy
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.8
Yeffeɣ-d deg 13. jún 2019 - 40,07 KB
Iteddu d firefox 59.0 d yileqman imaynuten
URL Decode bug fix
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.7
Yeffeɣ-d deg 11. jún 2019 - 40,01 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Fixed bug in query search
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.6
Yeffeɣ-d deg 11. jún 2019 - 40,01 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Function hooks now handle multiple arguments
Hook `Function` if you want, likely to break webpages though
Bug fixes/improved query search
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.5
Yeffeɣ-d deg 2. jan 2019 - 36,47 KB
Iteddu d firefox 59.0 d yileqman imaynuten
Handles malformed URI encoding without breaking code flow.
Having console.log remapped by the page should no longer interfere with output.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.4
Yeffeɣ-d deg 14. aug 2018 - 36,4 KB
Iteddu d firefox 59.0 d yileqman imaynuten, android 59.0 ɣer 68.*
* fix URL decode logic bug
* No longer search for URL parameter names.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.3
Yeffeɣ-d deg 10. aug 2018 - 36,41 KB
Iteddu d firefox 59.0 d yileqman imaynuten, android 59.0 ɣer 68.*
* fixed a couple RegEx needle highlighting bugs
* fragment and query search now also check if the value has been URL decoded.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.2
Yeffeɣ-d deg 7. aug 2018 - 35,91 KB
Iteddu d firefox 59.0 d yileqman imaynuten, android 59.0 ɣer 68.*
This version just improves the UI some.
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.1
Yeffeɣ-d deg 2. aug 2018 - 36,06 KB
Iteddu d firefox 59.0 d yileqman imaynuten, android 59.0 ɣer 68.*
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu
Lqem 1.0
Yeffeɣ-d deg 2. aug 2018 - 36,07 KB
Iteddu d firefox 59.0 d yileqman imaynuten, android 59.0 ɣer 68.*
Tangalt taɣbalut teffeɣ-d s turagt GNU General Public License v3.0 only
Sader afaylu

Lqem aneggaru

Lqem 2.11

Ileqman iqbuṛen

Lqem 2.10

Lqem 2.9

Lqem 2.8

Lqem 2.7

Lqem 2.6

Lqem 2.5

Lqem 2.4

Lqem 2.3

Lqem 2.2

Lqem 2.1

Lqem 2.0

Lqem 1.11

Lqem 1.10

Lqem 1.9

Lqem 1.8

Lqem 1.7

Lqem 1.6

Lqem 1.5

Lqem 1.4

Lqem 1.3

Lqem 1.2

Lqem 1.1

Lqem 1.0