Skip to content

feat: debugHunter v2.0.0 - Complete rewrite with MV3 support#1

Merged
devploit merged 1 commit intomainfrom
debugHunterv2
Feb 4, 2026
Merged

feat: debugHunter v2.0.0 - Complete rewrite with MV3 support#1
devploit merged 1 commit intomainfrom
debugHunterv2

Conversation

@devploit
Copy link
Copy Markdown
Owner

@devploit devploit commented Feb 4, 2026

Summary

Complete rewrite of debugHunter with Manifest V3 support and significant improvements to detection capabilities.

Major Changes

  • Manifest V3 - Full migration from MV2 to MV3
  • Multi-factor detection - Combines status codes, content analysis, headers, and debug indicators
  • New dark UI - GitHub-inspired design with severity classification

New Features

  • 🎯 Severity classification (Critical/High/Medium/Low)
  • 📊 Response diff viewer for comparing original vs modified responses
  • 🔍 Search and filter findings by domain or keyword
  • ⚡ Smart rate limiting with exponential backoff
  • 🧹 Dynamic content filtering (removes timestamps, CSRF tokens, sessions)
  • ⚙️ 4 detection modes: Smart, Aggressive, Conservative, Keywords-only
  • 🚀 HEAD requests optimization for path checking
  • 💾 Domain baseline caching to reduce requests

Detection Coverage

  • 25+ debug parameters (?debug=1, ?env=dev, ?XDEBUG_SESSION_START, etc.)
  • 7 sensitive headers (X-Debug, X-Forwarded-Host, X-Original-URL, etc.)
  • 46 sensitive paths (up from 17) - /.env, /.git/config, /actuator/env, etc.

Other

  • Test environment included (test/ folder)
  • New FontAwesome bug icon
  • Comprehensive README documentation

Test plan

  • Extension loads in Chrome without errors
  • Test server works (./test/start-server-macos.command)
  • Debug parameters detected when visiting test page with ?debug=1
  • Sensitive paths detected (/.env, /.git/config, etc.)
  • Severity classification working correctly
  • Search/filter functionality working
  • Settings page working

🤖 Generated with Claude Code

@devploit @claude
feat: debugHunter v2.0.0 - Complete rewrite with MV3 support
166febd 
## Major Changes
- Migrated from Manifest V2 to Manifest V3
- Complete rewrite of detection engine with multi-factor analysis
- New dark UI with GitHub-inspired theme

## New Features
- Severity classification (Critical/High/Medium/Low)
- Response diff viewer for params and headers
- Search and filter findings
- Smart rate limiting with exponential backoff
- Dynamic content filtering (timestamps, CSRF tokens, sessions)
- 4 detection modes: Smart, Aggressive, Conservative, Keywords-only
- HEAD requests optimization for path checking
- Domain baseline caching to reduce requests

## Detection Coverage
- 25+ debug parameters
- 7 sensitive headers
- 46 sensitive paths (up from 17)

## Other
- Added test environment for verifying extension functionality
- Updated icons with FontAwesome bug design
- Comprehensive README with full documentation

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@devploit devploit merged commit d414ed4 into main Feb 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@devploit