As the debate over tech companies and apps tracking your data grows, here's a website that shows how TikTok and Instagram may see your sensitive data without your consent. has a tool that shows how popular social media platforms inject "JavaScript code into third-party websites that present potential security and privacy problems to the user"

Felix Krause, who made the tool, says that has a simple tool that "lists the JavaScript commands that were run by the iOS app when it rendered the page."

To use this tool for yourself, he advised, open the app you wish to analyse, share the URL, hit the link to open the app, and then read the report displayed on the screen.

Everyone may check for themselves what their apps are up to in their in-app browsers by visiting

In order to help others, I have made the analysis code available on GitHub as open source. According to a blog post by Krause, "this allows the community to update and improve this script over time"

He had already warned that the Chinese short-form video app TikTok might be watching all taps and keystrokes on iOS through its in-app browser.

He warned that sensitive information like passwords and credit card numbers could be intercepted through TikTok's In-App Browser.

TikTok issued a statement in which it claimed that Krause's findings against the company are "incorrect and deceptive."

"Contrary to its assertions, we do not gather keystroke or text inputs using this code, which is purely used for debugging, troubleshooting, and performance monitoring," the firm added.