flagqaz / AegisScope

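玄镜 AegisScope: a tool for frontend code asset collection, leak scanning, vulnerability auditing, and Vue Router runtime analysis. Intended for authorized security testing, SRC-assisted auditing, analysis of frontend build artifacts, and API risk mapping.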

100% credibility
Found Apr 29, 2026 at 19 stars.
JavaScript
AI Summary

A browser extension that collects and scans JavaScript code from webpages to detect leaked secrets, cryptographic weaknesses, and other security risks, providing reports and tools for deeper analysis.

How It Works

1. 🛠️ Install the browser helper: Add AegisScope to your browser from the store or GitHub to start checking websites.
2. 🌐 Visit any webpage: Open the site you want to inspect for hidden risks.
3. 🖱️ Click the toolbar icon: Tap the puzzle piece icon to pop up the handy dashboard.
4. 📜 Spot all hidden scripts: Instantly see every piece of code running quietly on the page, ready to explore.
5. 🔍 Run a quick safety scan: Hit scan to automatically hunt for leaked secrets, weak spots, and odd patterns.
6. ⚠️ Review the alerts: Check the easy list of issues like exposed keys or crypto flaws with helpful tips.

📊 Download your report: Grab a full summary to fix problems or share findings, keeping the web safer.

AI-Generated Review

What is AegisScope?

AegisScope is a JavaScript Chrome extension that collects frontend code from web pages, scans for leaked secrets like AWS keys and API tokens, audits vulnerabilities such as weak crypto and XSS risks, and analyzes Vue Router at runtime. It extracts APIs, routes, frameworks, and modules from production bundles, solving the pain of manually deobfuscating JS for security reviews or asset mapping. Users get one-click ZIP exports, detailed reports with exploit guidance, and Vue-specific tools to inspect or bypass router guards.

Why is it gaining traction?

It stands out by auto-discovering webpack chunks and source maps, delivering high-confidence findings via regex rules with context validation, and offering runtime Vue Router mutation for quick bypass testing. Developers dig the popup interface for instant scans/downloads, plus aggregated stats on crypto algos, obfuscation, and sensitive paths—no setup needed. The focus on actionable output like PoC templates beats generic linters.

Who should use this?

Security researchers in bug bounties or SRC platforms auditing JS-heavy SPAs, pentesters probing frontend bundles for leaks during authorized tests, and frontend teams reviewing vendor code or production artifacts for secrets and misconfigs. Ideal for Vue Router apps where client-side auth needs backend verification.

Verdict

Solid pick for JavaScript/Vue security audits despite low 19 stars and 1.0% credibility—rules are comprehensive, but expect rough edges in docs and edge cases. Use it now for bundle hunting; contribute rules to boost maturity.
