Spectroscope
Search for endpoints potentially vulnerable to Spectre.
Spectroscopeとは何ですか?
SpectroscopeはLukas Weichselbaumによって開発されたChromeの拡張機能で、その主な機能は「Search for endpoints potentially vulnerable to Spectre.」です。
拡張機能のスクリーンショット
Spectroscope拡張機能のCRXファイルをダウンロード
Spectroscope拡張子のファイルをcrx形式でダウンロードし、ブラウザにChrome拡張機能を手動でインストールするか、crxファイルを友達と共有して簡単にChrome拡張機能をインストールします。
拡張機能の使用方法
Spectroscope is a prototype extension for security engineers and web developers to help track down application resources which aren't protected from being embedded by other websites. Such resources can, in some cases, be exfiltrated by malicious sites making use of CPU-level information leaks on users' devices, such as the Spectre vulnerability.
The tool identifies resources which are exempt from default protections enabled in Google Chrome (Cross-Origin Read Blocking, SameSite cookies) and which can be embedded cross-site. The results are added to Chrome's DevTools "Spectroscope" panel and include security recommendations to help protect your resources from Spectre and other cross-site attacks.
Note: This is a prototype extension which is meant to be used only as a convenience tool to help you protect your site; it is not an official Google product. Testing your site with Spectroscope is not a substitute for careful deployment of recommended web security features. See https://w3c.github.io/webappsec-post-spectre-webdev/ for a complete list of best practices.
Authors (alphabetically): Roberto Clapis, Santiago Diaz, Aleksandr Dobkin, David Dworken, Artur Janc, Aaron Shim, Lukas Weichselbaum 拡張機能の基本情報
| 名前 |  Spectroscope |
| ID | idppnaadbabknjeaifkegolcciafchpp |
| 公式URL | https://chromewebstore.google.com/detail/spectroscope/idppnaadbabknjeaifkegolcciafchpp |
| 説明 | Search for endpoints potentially vulnerable to Spectre. |
| ファイルサイズ | 5.5 MB |
| インストール数 | 232 |
| 現在のバージョン | 0.1.0 |
| 最終更新日 | 2021-08-19 |
| 公開日 | 2021-03-07 |
| 評価 | 5.00/5 合計 2 レビュー |
| 開発者 | Lukas Weichselbaum |
| Eメール | [email protected] |
| 支払い方法 | free |
| 対応言語 | en |
| manifest.json | |
{
"update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
"name": "Spectroscope",
"version": "0.1.0",
"description": "Search for endpoints potentially vulnerable to Spectre.",
"icons": {
"128": "icon128.png"
},
"manifest_version": 2,
"devtools_page": "devtools.html",
"permissions": [
"cookies",
"http:\/\/*\/*",
"https:\/\/*\/*",
"storage"
],
"background": {
"persistent": false,
"scripts": [
"background.js"
]
}
} | |
