This project is a tool to detect potential vulnerabilities in web applications related to the use of event listeners. It scans HTML and JavaScript content for unsafe use of eval, adding event listeners with unsanitized user input, and potential memory leaks due to missing removeEventListener calls.
- Detects unsafe use of
eval. - Identifies event listeners added with unsanitized user input.
- Detects potential memory leaks due to
addEventListenerwithout correspondingremoveEventListener.
-
Clone the repository:
git clone https://github.com/yourusername/event-listener-vuln-detector.git cd event-listener-vuln-detector -
Install the required dependencies:
npm install axios jsdom
To analyze a URL for event listener vulnerabilities, run the following command:
node detectEventListenerVulns.js <url>
Legal Disclaimer
This tool is intended for educational purposes only. Use of this tool to target websites without prior mutual consent is illegal and strictly prohibited. The developers assume no liability and are not responsible for any misuse or damage caused by this tool.