Home - SAP/project-foxhound GitHub Wiki

Welcome to the project Foxhound Wiki!

This page provides a rough guideline on how the pages are meant to be used.

Building Foxhound

The general guide to build Foxhound, potentially with support for browser automation via Playwright, is available under Building Foxhound.

If you want to build Foxhound manually, for example, to use it under Windows or to debug build failures, we provide some guides at Building Manually.

Using Foxhound

You can either use Foxhound interactively, e.g., by using or writing an extension to display taint flows, or via a browser automation framework such as Playwright.

General information on the direct usage is provided under Observing Taint Flows. If you want to test Foxhound, we recommend starting out with an existing integration. For example, to get started with Playwright, please check out Playwright Integration.

A list of available taint sources and sinks is provided under Source and Sink Listings.

Hall of Fame

Foxhound is used in both industrial settings and academia. We collect publications that successfully used Foxhound under Publications. If your work builds on Foxhound and has been published, please open an issue so we can include it! :)

Hacking on Foxhound

Foxhound is open source, and we are happy to accept external contributions. As the code base is very large and getting started is somewhat challenging, we also provide some advice on how to start hacking and debugging Foxhound.

Adding Test Cases

A simple way to contribute is to add test cases for issues you found with Foxhound. This enables us to reproduce them and, hopefully, fix them. This is done via Mochi Tests.

Developing

Debugging

Release Process

We aim to keep Foxhound in line with the newest version of Firefox, which Playwright supports. So, there are some rough guides on how to pull in changes from upstream Firefox.