An anonymous reader writes: Google has released an experimental browser interception tool, called the "DOM Snitch". While most reconnaissance tools focus on testing server-side code, client side vulnerabilities have received less test attention. By intercepting JavaScript calls to the browser infrastructure, the tool allows detecting cross-site scripting, mixed content, insecure modifications to the same-origin policy for DOM access.