UnmapJS – Source Map Exposure Scanner

Name: UnmapJS – Source Map Exposure Scanner
Author: IntelSecLab

Finds exposed JavaScript source maps and downloads recoverable source files as a ZIP archive.

As of June 2026, UnmapJS – Source Map Exposure Scanner has 51 users in the Privacy & Security category.

IntelSecLab Privacy & Security

Chrome Web Store ↗.crx

Users0%

Rating0%

—

— reviews

Reviews0%

—

Version

1.1.1

Manifest V3

90-day change · In the last 90 days this extension 1 version update, changed permissions.

History

9 snapshots

Tracking since Apr 8, 2026.

View as table

Date	Users	Rating	Reviews	Version
Apr 8, 2026	—	—	—	1.0.0
Apr 19, 2026	—	—	—	1.0.0
Apr 25, 2026	7	—	—	1.0.0
May 2, 2026	12	—	—	1.1.1
May 9, 2026	15	—	—	1.1.1
May 13, 2026	360	—	—	1.1.1
May 25, 2026	—	—	—	1.1.1
Jun 1, 2026	90	—	—	1.1.1
Jun 7, 2026	52	—	—	1.1.1
Now	51	—	—	1.1.1

Changelog

Apr 25, 2026
host_permissions
```
(empty)
```
```
http://*/, https://*/
```

Permissions & access

Permissions: activeTabscriptingstoragetabsnotifications
Host access: http://*/, https://*/

Screenshots

UnmapJS – Source Map Exposure Scanner screenshot 1

UnmapJS – Source Map Exposure Scanner screenshot 2

About

UnmapJS helps security researchers and developers check whether a web application exposes JavaScript source maps in production.

What it does:
- Scans the current tab for JavaScript chunks and source map references
- Verifies source map availability and extracts recoverable source files
- Exports recovered files as a ZIP for analysis

Privacy-first behavior:
- Site access is requested per-site when you click Analyze
- Auto-scan is optional and off by default
- Notifications are optional and off by default
- Data is processed locally in your browser and stored in chrome.storage.local
- No external analytics, no selling of user data

Important:
Use only on applications you own or are explicitly authorized to test.

Permission justification (for CWS form)
- activeTab: run analysis on the user's currently active tab after explicit action.
- scripting: collect in-page script/resource references needed for source map discovery.
- downloads: save recovered source files as ZIP.
- storage: save user settings.
- tabs: read active tab URL for current-tab analysis.
- notifications: optional alert when auto-scan finds exposed sources.
- optional_host_permissions (<all_urls>): enables user-granted, per-origin scanning without permanent global access.

Technical

Version: 1.1.1
Manifest: V3
Size: 66.3KiB
Min Chrome: 88
Languages: 1
Featured: No

Metadata

ID: pjbpjgfagihokiidfdopoacdjbipckoa
Developer ID: u57d13e7eec70d606a7a7d81c6c2de610
Developer Email: [email protected]
Created: Apr 8, 2026
Last Updated (Store): Apr 21, 2026
Last Scraped: Jun 7, 2026
Website: —
Support URL: https://github.com/intelseclab/unmapjs-chrome-extension/issues
Privacy Policy: https://github.com/intelseclab/unmapjs-chrome-extension/blob/main/PRIVACY.md

Data sourced from the Chrome Web Store · last verified Jun 7, 2026.