Wirebrowser
Wirebrowser
CDP-based runtime instrumentation for the browser
Wirebrowser lets you hook functions at runtime, script the debugger, trace object origins with Origin Trace, inspect live runtime objects, and move from network traffic → runtime state → code inside one CDP-powered workflow.
Built directly on Chrome DevTools Protocol (CDP). No monkeypatching. No source rewriting. No browser extension model.
Wirebrowser is built for runtime instrumentation and reverse engineering in the browser: hooks, programmable debugging, origin tracing, and live memory inspection — all on top of CDP.
1 — Live Hooks
Intercept calls, inspect arguments, inject logic, and override return values without monkeypatching or modifying source files.
2 — Programmable Debugger
Drive stepping programmatically with primitives such as stepInto, stepOver, stepOut, and async-aware stepping to reach the execution point that matters.
3 — Origin Trace
Start from a runtime value or object and trace back to the user-land code where it first appears, using Breakpoint-Driven Heap Search.
4 — Live Object Search
Search real runtime objects by value, structure, or prototype and work with actual references — not serialized copies or frozen snapshots.
Traditional debugging starts from code: you guess where to place breakpoints,
rerun execution, and hope you stop in the right place.
Origin Trace, built on top of Breakpoint-Driven Heap Search (BDHS),
reverses that workflow: you start from a value or object already observed at runtime,
and Wirebrowser traces back to the user-land code where it first appears.
With Origin Trace, you can:
▶ start from a runtime value or object
▶ locate the function where it first appears
▶ narrow execution down to the relevant user-land code path
It answers the practical reverse-engineering question: where did this come from?
Heap snapshots let you observe objects after the fact.
Live Object Search lets you work with them while the program is running.
Instead of searching frozen snapshot data, Wirebrowser searches live runtime memory
and gives you access to actual object references that you can inspect,
correlate, and patch during execution.
This means you can:
▶ search objects by key, value, prototype, or similarity
▶ inspect them while they are still active
▶ patch them directly in runtime memory
This is something snapshots alone cannot provide.
Origin Trace and Live Object Search do not rely only on exact matches. Wirebrowser can identify structurally similar objects across runtime memory and execution steps, making it possible to follow evolving data through real program execution.
Origin Trace, live object search, and runtime instrumentation inside a real browser workflow.
Wirebrowser also connects intercepted traffic to runtime analysis, so you can move from HTTP data to live objects and then to the code path that produced them.
Intercept, modify, and replay HTTP requests and responses directly inside the runtime analysis workflow.
▶ inspect and rewrite requests and responses in real time
▶ replay captured traffic with modified parameters
▶ correlate network data with live objects in memory
This makes it possible to move from network data → runtime state → code origin without switching tools.
API Collections let you organize, edit, and replay HTTP requests in multiple formats.
Inside Wirebrowser, they are:
▶ built from intercepted traffic
▶ reusable across debugging sessions
▶ directly connected to automation and runtime inspection
They extend the instrumentation workflow instead of acting as a standalone API client.
Wirebrowser is designed for advanced debugging, reverse engineering, security research,
and runtime experimentation in modern web applications.
If Chrome DevTools gives you manual control, Wirebrowser gives you
scriptable control:
hooks, programmable stepping, origin tracing, live object inspection,
and network-to-runtime workflows built directly on CDP.