WebApp Sec mailing list archives

penproxy accessing javascript?


From: Mads Rasmussen <mads () opencs com br>
Date: Sun, 15 Aug 2004 16:13:24 -0300


I have come across several webpages where some calculations were done in JavaScript, like cryptography or routines to handle the virtual keyboard, broadly used in internet banking here in Brazil (if someone wants me to explain the idea, I will).

When doing analysis, it crossed my mind to look for some kind of penproxy with the capability of evaluating the JavaScript code. Imagine a trojan installing a local proxy for the browser and then evaluating the JavaScript it sees for a specific site: if it does crypto, it can see the key; if it handles the virtual keyboard, it will see the passwords entered on the keyboard.

I had another look at WebScarab. What is the Java bean stuff about? It doesn't seem to do what I want, though.

Does anyone know of one?

Regards,

Mads

