PERS - The Passive Expired Resource Scanner

A passive scanning tool for finding expired domain vulnerabilites while you browse.

Qu'est-ce que PERS - The Passive Expired Resource Scanner ?

PERS - The Passive Expired Resource Scanner est une extension Chrome développée par https://thehackerblog.com, et sa fonction principale est "A passive scanning tool for finding expired domain vulnerabilites while you browse.".

Captures d'Écran de l'Extension

screenshot

Télécharger le fichier CRX de l'extension PERS - The Passive Expired Resource Scanner

Téléchargez les fichiers d'extension PERS - The Passive Expired Resource Scanner au format crx, installez manuellement les extensions Chrome dans le navigateur ou partagez les fichiers crx avec des amis pour installer facilement les extensions Chrome.

Instructions d'Utilisation de l'Extension

                        A Chrome extension which detects expired domains in webpage resources (such as external images, CSS, and JavaScript) while you browse. Once detected it alerts you to the details and offers multiple ways to verify that the domain is expired. These vulnerabilities often allow for hijacking of the vulnerable webpage.

Useful for penetration testers and auditors who wish to automatically identify these vulnerabilities passively while they browse.

Reason for various permissions requested by extension:
* webRequest: Required to hook the onErrorOcurred function in Chrome to detect when a resource load has resulted in a network error occurring (e.g. "net::ERR_NAME_NOT_RESOLVED").
* webRequestBlocking: Required to block and add headers for certain domain availability querying APIs (e.g. add Origin header).
* : Required because we have to be able to detect failed network loads for resources from any domain/URL.                    

Informations de Base sur l'Extension

Nom PERS - The Passive Expired Resource Scanner PERS - The Passive Expired Resource Scanner
ID jenkmpdppepcfhjpfgbgehfklnoopeei
URL Officiel https://chromewebstore.google.com/detail/pers-the-passive-expired/jenkmpdppepcfhjpfgbgehfklnoopeei
Description A passive scanning tool for finding expired domain vulnerabilites while you browse.
Taille du Fichier 695 KB
Nombre d'Installations 103
Version Actuelle 0.0.2
Dernière Mise à Jour 2016-10-09
Date de Publication 2016-10-08
Développeur https://thehackerblog.com
Email [email protected]
Type de Paiement free
Site Web de l'Extension https://thehackerblog.com
Langues Prises en Charge en
manifest.json
{
    "update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
    "name": "PERS - The Passive Expired Resource Scanner",
    "version": "0.0.2",
    "manifest_version": 2,
    "description": "A passive scanning tool for finding expired domain vulnerabilites while you browse.",
    "homepage_url": "https:\/\/thehackerblog.com\/",
    "content_security_policy": "default-src 'self' https:\/\/thehackerblog.com; style-src * https:\/\/fonts.googleapis.com; img-src *; font-src *; connect-src *;",
    "icons": {
        "16": "icons\/icon16.png",
        "48": "icons\/icon48.png",
        "128": "icons\/icon128.png"
    },
    "default_locale": "en",
    "background": {
        "page": "src\/bg\/background.html",
        "persistent": true
    },
    "permissions": [
        "webRequest",
        "webRequestBlocking",
        ""
    ]
}