Wirebrowser
Wirebrowser is a debugging, interception, and memory-inspection toolkit powered by the Chrome DevTools Protocol (CDP). It unifies network manipulation, API testing, automation scripting, and deep JavaScript memory inspection into one interface.
With features like Breakpoint-Driven Heap Search and real-time Live Object Search, Wirebrowser provides researchers and engineers with precise, high-visibility tools for client-side analysis, reverse engineering, and complex application debugging.
๐งญ Overview
Network
Intercept, block, rewrite, and replay HTTP requests and responses in real time.
Memory
Inspect, search, and modify JavaScript memory using both live heap analysis and heap snapshots, with full support for object identity search, primitive search (via snapshots), structural matching, and runtime patching.
-
Live Object Search โ Search all live JavaScript objects using regex or structural matching, and patch matched objects at runtime to alter state or behavior dynamically.
-
Static Heap Snapshot Search Capture a full V8 heap snapshot and search all objects and primitives, including strings and closure-captured values that are unreachable through the Runtime domain.
-
Origin Trace (BDHS) โ Performs automatic debugger pauses and captures a full heap snapshot at each stop. Every snapshot is searched to identify the user-land function responsible for creating or mutating the target value. Framework and vendor scripts are filtered out via heuristics.
BDHS also includes a tolerance window that samples snapshots before and after the first match, providing contextual insight into when and how a value is introduced or mutated.
Hybrid Structural Similarity Engine (cross-modal)
A shared similarity engine used across Live Object Search, Heap Snapshots, and BDHS timelines. Enables shape-based searches, clustering, and origin tracing for objects that evolve over time.
API Collection
Create, edit, and execute API requests with variable substitution and structured collections, integrating Postman-style workflows directly into the debugging environment.
Technical Writeup (BDHS / Origin Trace)
A full technical deep-dive is available here: ๐ https://fcavallarin.github.io/wirebrowser/BDHS-Origin-Trace
๐ Feature Highlights
Below is a quick visual tour of Wirebrowserโs most distinctive capabilities.
โถ๏ธ Origin Trace (BDHS) & Live Object Search โ demonstration
A short walkthrough of Wirebrowserโs advanced memory-analysis capabilities:
- Live Object Search โ real-time search and runtime patching of live JS objects.
- Origin Trace (BDHS) โ identify the user-land function responsible for creating or mutating the object during debugging.
Network Interceptor
Intercept, rewrite, block, and replay HTTP requests and responses.
Memory โ Live Object Search
Search and patch live JS objects using regex or structural matching.
Memory โ Origin Trace (BDHS)
Capture snapshots on each debugger pause to locate the user-land function responsible for object creation or mutation.
Getting Started
Install
git clone https://github.com/fcavallarin/wirebrowser.git
cd wirebrowser
npm install
npm run buildRun
๐ง Linux - Sandbox issue with Electron
On some Linux distributions, Electron may fail to start due to process sandboxing restrictions, showing errors such as:
The SUID sandbox helper binary was found, but is not configured correctly.
This is a known issue in Electron ([electron/electron#42510]).
The most common solution is to disable AppArmor restrictions:
sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
โ๏ธ Additional Capabilities
Beyond the core Network and Memory workflows, Wirebrowser offers several supporting modules that enhance debugging, testing, and automation workflows.
API Collection
Create, edit, and execute API requests with variable substitution and organized collections.
Useful for testing endpoints, iterating on backend logic, or interacting with APIs directly from the same environment used for debugging the client.
Automation
Run browser-side or Node.js scripts, either manually or triggered by events such as page load.
Automation scripts have access to an Utils object that exposes helpers for interacting with the browser, pages, variables, iterators, and HTTP utilities.
const userId = Utils.getVar("userId"); const page = Utils.getPage(1); page.on("request", req => req.continue()); await page.goto(`https://example.com/${userId}`);
Tools
A collection of small tools frequently needed during debugging and analysis, including:
- Encode or decode strings in multiple formats:
- Create, verify, and decode JSON Web Tokens (JWTs).
โถ๏ธ Scope of actions โ Global vs Tab-specific
Most Wirebrowser actions can be performed either globally (across all open tabs/pages) or targeted to a single tab. This lets you choose whether a rule or inspection should affect the whole browser session or only a specific page.
Every tab/page opened by Wirebrowser has a unique integer tabId. Use this tabId to scope actions.
UI Notes
- Many panels offer a scope selector (Global / Specific Tab ID) for quick changes.
๐ Tech Stack
Wirebrowser is built with React and Node.js, using plain JavaScript to keep the codebase lightweight and hackable.
TypeScript or JSDoc-based typing may be introduced in the future for enhanced maintainability.
๐ฃ๏ธ Roadmap
The following areas are being explored for future development:
๐ Security & Crawling
- SPA crawling โ automated crawling of single-page applications to map navigation flows and surface client-side behaviors.
- DOM XSS scanning โ analysis of potential DOM-based XSS injection points during crawls or on-demand checks.
๐ค Community & Support
Wirebrowser is being built in the open โ contributions and feedback are welcome!
- ๐ฌ Chat coming soon (Discord or Matrix)
- ๐ฆ Follow updates on X/Twitter: https://x.com/wirebrowser
- ๐ง Issues & Ideas: https://github.com/fcavallarin/wirebrowser/issues
๐ค Contributing
Contributions and pull requests are welcome!
Open an issue or pull request โ even small suggestions help improve Wirebrowser.
๐ License
Wirebrowserโข is distributed under the MIT License.
See the LICENSE file for more details.