NDevTK

https://t.co/7sMg3G3bw6 got more complicated it now converts unsafe sinks to safe DOM API calls and traces taint from sources to sinks across files, functions, and control flow. Maybe can reuse code in extension :)

I made a HTML/CSS to DOM API converter! https://t.co/7sMg3G3bw6 this project doesn't use Babel JS because I couldn't be bothered.

The first version of APIClient has been released https://t.co/zLP7wr1WSO it supports API learning with key tracking based on usage and Google/Swagger discovery documents plus XSS finding also replacement for postLogger extension. It's not perfect, create GitHub issues :)

https://t.co/HPyuwMA25W has been recovered does both API learning and XSS finding it's not perfect but I'm starting to get over it. Hopefully this time I will release and not delete it.

Taint analyser is replaced with CodeQL Chrome https://t.co/2ABivU9kwd because trying to get AI to build a code graph then integrate it with an SMT was annoying. I asked something basic like trace the internals of jquery it made a fake version.

Bug write-up for "Google XSS part 3" https://t.co/reA3VbwocZ \^o^/

DroidProbe is getting an API client that supports Swagger and Google discovery documents. Based on past experience with a Minecraft server hosting app it's a good target for security issues.

The test release of DroidProbe is published after joining https://t.co/aI6meI4Oqy it can be installed at https://t.co/mhNqXK1IM1 please provide feedback :)

https://t.co/OufjbDNhls Contextual GUI via code analysis all the things.

A no-code web-based GUI for Chromium MojoJS security research with automated binding generation. Tempted to add an AI chat bot. https://t.co/ujI8BI5x5i

An experimental WinDbg debugging toolkit for Chromium security researchers: https://t.co/DkajV10bAF Bug write-up for OAuth redirects don't check for SSL/TLS: https://t.co/DoyRfMGwIb Summarizer theme on my writeups website now works on desktop chrome again! 🦆