ExtAnalysis : Browser Extension Analysis Framework

ExtAnalysis is a browser extension analysis framework. Installing it is simple! It runs on python3, so make sure python3 and python3-pip are installed.

What Can You Do?

  • Download & Analyze Extensions From:
  • Analyze Installed Extensions of:
    • Google Chrome
    • Mozilla Firefox
    • Opera Browser (Coming Soon)
  • Upload and Scan Extensions. Supported formats:
    • .crx
    • .xpi
    • .zip

Features

  • View Basic Informations:
    • Name, Author, Description and Version
  • Manifest Viewer
  • In depth permission information
  • Extract Intels from files which include:
    • URLs and domains
    • IPv6 and IPv4 addresses
    • Bitcoin addresses
    • Email addresses
    • File comments
    • Base64 encoded strings
  • View and Edit files. Supported file types:
    • html
    • json
    • JavaScript
    • css
  • VirusTotal Scans For:
    • URLs
    • Domains
    • Files
  • RetireJS Vulnerability scan for JavaScript files
  • Network graph of all files and URLs
  • Reconnaissance tools for extracted URLs:
    • Whois Scan
    • HTTP headers viewer
    • URL Source viewer
    • GEO-IP location
  • Some Fun Stuffs that include:
    • Dark Mode
    • Inbuilt chiptune player (Jam on to some classic chiptune while it does the work)

Also Read – Vulmap :Online Local Vulnerability Scanners Project

Install

$ git clone https://github.com/Tuhinshubhra/ExtAnalysis
$ cd ExtAnalysis
$ pip3 install -r requirements.txt

For proper analysis don’t forget to add your virustotal api.

How do I use it?

Once the installation is done you can jump straight ahead and run it by running the command: $ python3 extanalysis.py It should automatically launch it in a new browser window.

For other options check out the help menu $ python3 extanalysis.py --help

usage: extanalysis.py [-h HOST] [-p PORT] [-v] [-u] [-q] [–help]

optional arguments:
-h HOST, –host HOST Host to run ExtAnalysis on. Default host is 127.0.0.1
-p PORT, –port PORT Port to run ExtAnalysis on. Default port is 13337
-v, –version Shows version and quits
-u, –update Checks for update
-q, –quiet Quiet mode shows only errors on cli!
–help Shows this help menu and exits

Python Modules Used:

  • flask for the webserver
  • python-whois for Whois lookup
  • maxminddb for parsing the Geo-IP database
  • requests for http headers and source code viewer

Screenshots

Download
R K

Share
Published by
R K
Tags: Analysis FrameworkBrowser ExtensionChromeExtAnalysisFirefox
6 years ago

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

4 hours ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

4 hours ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

2 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

5 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago