CodeXploit

Secure Your Web with Ease – Scan for Vulnerabilities in Seconds

About CodeXploit

CodeXploit is a powerful Chrome extension designed for developers, security researchers, and enthusiasts to audit websites for common security vulnerabilities. With a single click, it scans for issues like XSS, SQL Injection, CSRF, and more, providing detailed reports to help you secure your web applications.

Features

Comprehensive Scanning

Detects vulnerabilities like No HTTPS, XSS, SQLi, CSRF, IDOR, missing security headers, and more.

User-Friendly Interface

Clean and intuitive design with a professional look, making security auditing accessible to everyone.

Detailed Reports

Generate HTML reports with findings, severity levels, descriptions, and remediation tips.

Fast and Reliable

Uses asynchronous scanning to quickly analyze websites without slowing down your browser.

Fallback Mechanism

Ensures scans complete even if DOM access is restricted (e.g., due to CSP).

Installation

Follow these steps to get CodeXploit up and running on your Chrome browser.

Step 1: Clone the Repository

Run the following command to clone the CodeXploit repository:
git clone https://github.com/TirupMehta/CodeXploit.git

Step 2: Open Chrome Extensions

Navigate to chrome://extensions/ in Chrome and enable "Developer mode" (top-right toggle).

Step 3: Load the Extension

Click "Load unpacked" and select the cloned CodeXploit folder.

Step 4: Pin the Extension

Click the Extensions icon in Chrome and pin CodeXploit for easy access.

How to Use

Using CodeXploit is simple and straightforward. Follow these steps to scan a website:

Step 1: Open the Extension

Click the CodeXploit icon in your Chrome toolbar to open the popup.

Step 2: Scan a Website

Navigate to the website you want to scan and click "Scan Now" in the popup.

Step 3: View Results

Review vulnerabilities with severity levels (Critical, High, Medium, Low) and "Learn More" links.

Step 4: Download Report

Click "Download Report" to generate an HTML report with detailed findings.

How It Works

CodeXploit combines the following techniques to identify vulnerabilities in websites:

DOM Analysis

Inspects the page for insecure forms, mixed content, and exposed sensitive data.

Payload Injection

Tests inputs and forms for XSS, SQLi, and other injection vulnerabilities using predefined payloads.

Header Checks

Verifies the presence of security headers like X-Frame-Options, CSP, and HSTS.

Fallback Scanning

Falls back to header and URL-based checks if DOM access fails (e.g., due to CSP).
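
The header and URL-based checks described under Header Checks and Fallback Scanning can be sketched as below. This is an added example, not code from the CodeXploit repository; the function name auditResponse, the finding labels, and the sample responses are assumptions constructed for illustration.

```javascript
// Added example: header- and URL-based checks over a response's headers.
// auditResponse() and its finding labels are hypothetical, not CodeXploit's API.
function auditResponse(url, rawHeaders) {
  // HTTP header names are case-insensitive, so normalise before lookup.
  const headers = new Map(
    Object.entries(rawHeaders).map(([k, v]) => [k.toLowerCase(), String(v)])
  );
  const findings = [];
  const isHttps = new URL(url).protocol === "https:";
  if (!isHttps) findings.push("no-https");

  // HSTS is only honoured over HTTPS, and max-age=0 switches it off.
  if (isHttps) {
    const hsts = headers.get("strict-transport-security") || "";
    const m = /max-age\s*=\s*"?(\d+)/i.exec(hsts);
    if (!m) findings.push("missing-hsts");
    else if (Number(m[1]) === 0) findings.push("hsts-disabled");
  }

  // Collect the CSP directive names so individual protections can be checked.
  const csp = headers.get("content-security-policy");
  const directives = new Set(
    (csp || "").split(";")
      .map((d) => d.trim().split(/\s+/)[0].toLowerCase())
      .filter(Boolean)
  );
  if (!csp) findings.push("missing-csp");

  // Framing protection: a valid X-Frame-Options value or CSP frame-ancestors.
  // Values other than DENY and SAMEORIGIN are treated as no protection.
  const xfo = (headers.get("x-frame-options") || "").trim().toUpperCase();
  const xfoValid = xfo === "DENY" || xfo === "SAMEORIGIN";
  if (!xfoValid && !directives.has("frame-ancestors")) {
    findings.push("no-framing-protection");
  }
  return findings;
}

// Constructed sample responses (not captured from a real site).
const weak = auditResponse("http://example.test/login", { "X-Frame-Options": "ALLOWALL" });
const strong = auditResponse("https://example.test/", {
  "strict-transport-security": "max-age=31536000; includeSubDomains",
  "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'",
});
console.log(weak, strong);
```

A header that is present is not necessarily effective: the check treats an unrecognised X-Frame-Options value and an HSTS max-age of 0 as findings rather than passes.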

Get Started Today

Protect your web applications with CodeXploit. Start scanning now and secure your sites with ease.
