Polykill.js is a free and open source JavaScript monitoring service for every website. Its purpose is simple: Automatically inventory all JavaScript files and provide a complete report on the risk associated with each file running across all user sessions.
Polykill inventories and analyzes:
- All static and dynamic scripts running on the page
- XHR and beacon calls made to 3rd parties
- Sensitive data harvesting capabilities
- Breach history of script domain owner
- Domain name transfer activity
- and much more
1. Add the script
![Polykill.js](/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fbrower-js.11f0da3f.png&w=750&q=75)
polykill.js passively sends an inventory of running JavaScript files to the risk API for analysis.
2. Log in to polykill.io and review
![Polykill.js report](/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Freport.ec840a85.png&w=384&q=75)
- Risk analysis on full JavaScript domain, path and parameters
- Risk analysis of 3rd party payload, breach history and more
- Reports can be sent automatically via email
Please send me an email when the JS option is ready - I would like to use it on my site.
Media Coverage
![ArsTechnica](/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flogo_arstechnica.dece84b1.png&w=256&q=75)
![Bleeping Computer](/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flogo_bleeping.9cc37ae2.png&w=640&q=75)
![DevOps](/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flogo_devops.ed3aec4b.png&w=128&q=75)
![Security Blvd](/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flogo_secblvd.e64a6e96.png&w=384&q=75)
![The Register](/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flogo_theregister.fc5713d8.png&w=256&q=75)