A few months ago I shared BDHS (Breakpoint-Driven Heap Search), an experiment to trace when a value appears in memory by taking heap snapshots at every debugger pause.
Since then, I’ve been experimenting further with Chrome DevTools Protocol primitives to build tools for reversing and debugging JavaScript at runtime.
Here’s the next step.
The focus is shifting from observation to instrumentation: instead of just inspecting state, the goal is to interact with execution - at specific points, in user-land code, without modifying the application.
Early experiments include:
- attaching hooks to functions at runtime
- inspecting and modifying arguments and variables
- overriding return values (unfortunately limited to sync functions due to CDP constraints)
- following a return value to its consumer (best-effort/heuristic)
- conditional stepIn / stepOut / stepOver
All implemented via CDP (debugger breakpoints + runtime evaluation), without monkeypatching or rewriting code.
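To make the hook mechanism concrete, here is an added example (my own sketch, not WireBrowser's code) that expresses one runtime hook as the raw CDP messages behind it: an entry breakpoint, argument inspection and rewrite in the paused frame, then a run to the return position where Debugger.setReturnValue is valid. It assumes a `send`/`on` transport shape around any CDP client; the target page, script URL, breakpoint and frame ids and the `isFeatureEnabled` function are constructed so the exchange replays offline.

```javascript
// Added example, not WireBrowser code: one function hooked through raw CDP messages.
// `cdp.send(method, params)` resolves with the CDP result and `cdp.on(event, fn)`
// delivers notifications; wrap any CDP client or WebSocket in that shape.
async function hookFunction(cdp, { url, lineNumber, argName, newArg, newReturn }) {
  const trace = [];
  await cdp.send('Debugger.enable', {}); // no patching of page source: only a breakpoint
  const { breakpointId } = await cdp.send('Debugger.setBreakpointByUrl', { url, lineNumber });
  cdp.on('Debugger.paused', async (ev) => {
    const { callFrameId, location } = ev.callFrames[0];
    if ((ev.hitBreakpoints || []).includes(breakpointId)) {
      // Paused on entry: read the argument, then rewrite it in the local scope (scope 0).
      const { result } = await cdp.send('Debugger.evaluateOnCallFrame', { callFrameId, expression: argName, returnByValue: true });
      trace.push(['arg', result.value]);
      await cdp.send('Debugger.setVariableValue', { callFrameId, scopeNumber: 0, variableName: argName, newValue: { value: newArg } });
      // Run to the return position: setReturnValue is accepted only while paused there, so it never reaches the value an async function eventually resolves with.
      const { locations } = await cdp.send('Debugger.getPossibleBreakpoints', { start: location, restrictToFunction: true });
      await cdp.send('Debugger.continueToLocation', { location: locations.find((l) => l.type === 'return') });
    } else {
      await cdp.send('Debugger.setReturnValue', { newValue: { value: newReturn } });
      trace.push(['return', newReturn]);
      await cdp.send('Debugger.resume', {});
    }
  });
  return trace;
}
// Constructed stand-in for the target: a page whose isFeatureEnabled(flag) call is replayed as the two Debugger.paused notifications a real session would deliver.
function fakeTarget() {
  const state = { flag: 'beta-export', returned: undefined, sent: [] }; let onPaused = () => {};
  const pause = (hit) => ({ hitBreakpoints: hit ? ['bp:1'] : [], callFrames: [{ callFrameId: 'cf:1', location: { scriptId: '7', lineNumber: 12, columnNumber: 0 } }] });
  const answer = {
    'Debugger.setBreakpointByUrl': () => ({ breakpointId: 'bp:1' }),
    'Debugger.evaluateOnCallFrame': () => ({ result: { value: state.flag } }),
    'Debugger.setVariableValue': (p) => { state.flag = p.newValue.value; return {}; },
    'Debugger.getPossibleBreakpoints': () => ({ locations: [{ scriptId: '7', lineNumber: 14, columnNumber: 2, type: 'return' }] }),
    'Debugger.continueToLocation': () => { queueMicrotask(() => onPaused(pause(false))); return {}; },
    'Debugger.setReturnValue': (p) => { state.returned = p.newValue.value; return {}; },
  };
  return {
    state,
    on: (event, fn) => { if (event === 'Debugger.paused') onPaused = fn; },
    send: async (method, params) => { state.sent.push(method); return (answer[method] || (() => ({})))(params); },
    call: () => new Promise((resumed) => { answer['Debugger.resume'] = () => { resumed(); return {}; }; onPaused(pause(true)); }),
  };
}
async function runDemo() {
  const target = fakeTarget();
  const trace = await hookFunction(target, { url: 'https://app.example/flags.js', lineNumber: 12, argName: 'flag', newArg: 'beta-export-v2', newReturn: true });
  await target.call(); // the page calls isFeatureEnabled('beta-export') and the hook fires
  return { trace, flag: target.state.flag, returned: target.state.returned, sent: target.state.sent };
}
runDemo().then((r) => console.log(JSON.stringify(r)));
```

Against a real browser the same `hookFunction` is driven by the live `Debugger.paused` stream, and the script URL and line come from `Debugger.scriptParsed` rather than the constructed values used here.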
Whitepaper: https://fcavallarin.github.io/wirebrowser/CDP-as-a-Runtime-I...
API docs (early): https://fcavallarin.github.io/wirebrowser/api/
I’d really appreciate feedback - especially from people doing reverse engineering, bug bounty, or complex frontend debugging.