Google builds developer tool to flag Web app vulnerabilities

21.06.2011
Google has released an experimental extension for its Chrome browser that developers can use to scan their Web applications and flag code that could make them vulnerable to malware attacks.

The free tool, called DOM Snitch, is designed to sniff out potential security holes in Web applications' client-side code that could be exploited by attacks such as client-side scripting.

"To do this, we have adopted several approaches to intercepting JavaScript calls to key and potentially dangerous browser infrastructure such as document.write or HTMLElement.innerHTML," Google official Radoslav Vasilev wrote in a blog post.
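The interception Vasilev describes can be sketched as follows. This is an added example, not DOM Snitch's own code: `installSinkHooks`, the `SUSPICIOUS` heuristic and the stand-in DOM objects are assumptions made for illustration. In a browser the same function would be passed `document` and `Element.prototype`.

```javascript
// Added illustration, not DOM Snitch source. All names here are hypothetical.
// Crude heuristic for markup that can execute script (an assumption, not a full filter).
const SUSPICIOUS = /<script\b|\bon\w+\s*=|javascript:/i;

function installSinkHooks(doc, elementProto, findings) {
  const record = (sink, value) => {
    const text = String(value);
    findings.push({
      sink,
      value: text,
      suspicious: SUSPICIOUS.test(text),
      // A short stack shows which application code reached the sink.
      stack: new Error().stack.split("\n").slice(2, 5).join("\n"),
    });
  };

  // Wrap document.write: log the arguments, then call the original.
  const origWrite = doc.write;
  doc.write = function (...args) {
    record("document.write", args.join(""));
    return origWrite.apply(this, args);
  };

  // Wrap the innerHTML setter on the prototype so every element is covered.
  const desc = Object.getOwnPropertyDescriptor(elementProto, "innerHTML");
  Object.defineProperty(elementProto, "innerHTML", {
    configurable: true,
    enumerable: desc.enumerable,
    get() { return desc.get.call(this); },
    set(v) { record("innerHTML", v); desc.set.call(this, v); },
  });
}

// Constructed stand-ins for document and Element so the example runs outside a browser.
class FakeElement {
  get innerHTML() { return this._html || ""; }
  set innerHTML(v) { this._html = String(v); }
}
const fakeDoc = { out: "", write(...a) { this.out += a.join(""); } };

function demo() {
  const findings = [];
  installSinkHooks(fakeDoc, FakeElement.prototype, findings);
  const el = new FakeElement();
  el.innerHTML = "<b>hello</b>";                    // constructed benign write
  el.innerHTML = '<img src="x" onerror="track()">'; // constructed write with an event handler
  fakeDoc.write("<p>ok</p>");
  return { findings, el, doc: fakeDoc };
}
```

Because each hook forwards to the original sink, the page keeps running while every write is recorded with its call stack.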

In addition to developers, DOM Snitch is also aimed at code testers and security researchers, the company said.

The tool displays DOM (document object model) modifications in real time so developers don't have to pause the application to run a debugging tool, according to Google.

DOM Snitch also lets developers export reports so they can be shared with others involved in developing and refining the application, Google said.