Why Did I Build This?
"When analyzing potentially malicious or heavily obfuscated web targets, opening them in a standard browser or relying on raw `curl` commands is either dangerous or highly inefficient. I engineered this tool to securely fetch, dissect, and visualize the DOM without executing embedded malicious payloads. It automates the extraction of embedded scripts, stylesheets, and hardcoded secrets while offering strict OPSEC through Tor network forcing and custom proxy failovers."
Architecture & Decisions
The application leverages a decoupled GUI architecture utilizing Python's `threading` and `queue.Queue` to maintain absolute UI responsiveness during high-latency network requests (especially over Tor). The extraction engine uses `BeautifulSoup` to physically partition the DOM into 'safe' (JS/CSS stripped) and 'unsafe' components for offline viewing. To handle massive HTML/JS payloads without freezing the Tkinter text widgets, I implemented a custom `Pygments` lexing wrapper with strict character limits, ensuring optimal memory management during syntax highlighting.
Key Features
- 01.Dynamic proxy routing with automated Tor fallback for `.onion` and standard domains
- 02.DOM manipulation engine that isolates and strips executable JavaScript for secure local viewing
- 03.Regex-based heuristic vulnerability scanner targeting hardcoded JWTs, API keys, and credentials
- 04.Thread-safe, non-blocking Tkinter GUI featuring real-time logging and segmented artifact workspaces
- 05.Automated CSS extraction and real-time visual color palette harvesting directly in the UI