ExtAnalysis – Browser Extension Analysis Framework

ExtAnalysis is a Web Browser Extension Analysis Framework that will Scan, Analyse Chrome or Mozilla firefox extensions for vulnerabilities and intels. Generally most online users install extension to make web browsing easier and more convenient.

Some plugins may allow to capture, narrate and share videos to communicate faster, other can help to manage sensitive information such as passwords or just to integration for third parties application to reduce spending time to install a full applications.

ExtAnalysis - Browser Extension Analysis Framework
ExtAnalysis – Browser Extension Analysis Framework

Installing new extensions may introduce new vulnerabilities and risks. ExtAnalysis will scan any extension for security vulnerabilities and it will allow user to have the following features:

  • View Basic Informations : Name , Author , Description and Version
  • Manifest Viewer
  • In depth permission information
  • Extract Intels from files which include: URLs and domains, IPv6 and IPv4 addresses , Bitcoin addresses , Email addresses , File comments , Base64 encoded strings
  • View and Edit files. Supported file types: html , json , JavaScript , css
  • VirusTotal Scans For: URLs , Domains Files
  • RetireJS Vulnerability scan for JavaScript files
  • Network graph of all files and URLs
  • Reconnaissance tools for extracted URLs: Whois Scan , HTTP headers viewer , URL Source viewer , GEO-IP location

User may add some more reconnaissance tools virustotal scan, HTTP header viewer, Geo-IP lookups , source code viewer and whois lookup.

You can read more and download this tool over here: https://github.com/Tuhinshubhra/ExtAnalysis

Share