HiddenThings — OSINT Scanner by camael
Detects robots.txt, sitemap.xml, security.txt, and other standard or sensitive files on the visited site.
Extension Metadata
Screenshots
About this extension
HiddenThings checks whether the site you're browsing exposes files it shouldn't — or standard files worth knowing about.
Automatic scan: on every page load, it checks for robots.txt, sitemap.xml, security.txt, and about 50 other standard/.well-known/ files. It also reads robots.txt itself and tests any extra paths listed in its Disallow/Allow/Sitemap entries.
Advanced recon (opt-in, manual): on request, it tests roughly 220 paths commonly checked in bug bounty recon — .git/, .env files, SSH keys, TLS certificates, cloud credentials, shell history files, CMS config files, debug endpoints, log files.
Custom wordlist (opt-in): paste your own list of paths to test against the current site.
Customization: Easily change the theme color and toggle between light and dark modes.
Source map discovery (opt-in): scans <script> tags on the page and checks for matching .js.map files, which sometimes leak unminified source code.
To cut down on false positives, every scan is checked against a request to a path that's guaranteed not to exist. If a site returns 200 OK for that too (common with single-page apps and custom error pages), matching results are filtered out instead of reported as found.
Each result links directly to the file and has a one-click download button.
All requests are made from the extension's own background/popup context using fetch(). Nothing is sent anywhere except to the site you're already on.
Meant for security research, bug bounty testing, and OSINT on sites you own or are authorized to test.
Automatic scan: on every page load, it checks for robots.txt, sitemap.xml, security.txt, and about 50 other standard/.well-known/ files. It also reads robots.txt itself and tests any extra paths listed in its Disallow/Allow/Sitemap entries.
Advanced recon (opt-in, manual): on request, it tests roughly 220 paths commonly checked in bug bounty recon — .git/, .env files, SSH keys, TLS certificates, cloud credentials, shell history files, CMS config files, debug endpoints, log files.
Custom wordlist (opt-in): paste your own list of paths to test against the current site.
Customization: Easily change the theme color and toggle between light and dark modes.
Source map discovery (opt-in): scans <script> tags on the page and checks for matching .js.map files, which sometimes leak unminified source code.
To cut down on false positives, every scan is checked against a request to a path that's guaranteed not to exist. If a site returns 200 OK for that too (common with single-page apps and custom error pages), matching results are filtered out instead of reported as found.
Each result links directly to the file and has a one-click download button.
All requests are made from the extension's own background/popup context using fetch(). Nothing is sent anywhere except to the site you're already on.
Meant for security research, bug bounty testing, and OSINT on sites you own or are authorized to test.
Rated 0 by 0 reviewers
Permissions and data
Required permissions:
- Download files and read and modify the browser’s download history
Optional permissions:
- Access your data for all websites
Data collection:
- The developer says this extension doesn't require data collection.
More information
- Add-on Links
- Version
- 0.1.0
- Size
- 198.13 KB
- Last updated
- 3 days ago (Jul 4, 2026)
- Related Categories
- License
- Mozilla Public License 2.0
- Version History
- Add to collection