PERS - The Passive Expired Resource Scanner
A passive scanning tool for finding expired domain vulnerabilites while you browse.
PERS - The Passive Expired Resource Scannerとは何ですか?
PERS - The Passive Expired Resource Scannerはhttps://thehackerblog.comによって開発されたChromeの拡張機能で、その主な機能は「A passive scanning tool for finding expired domain vulnerabilites while you browse.」です。
拡張機能のスクリーンショット
PERS - The Passive Expired Resource Scanner拡張機能のCRXファイルをダウンロード
PERS - The Passive Expired Resource Scanner拡張子のファイルをcrx形式でダウンロードし、ブラウザにChrome拡張機能を手動でインストールするか、crxファイルを友達と共有して簡単にChrome拡張機能をインストールします。
拡張機能の使用方法
A Chrome extension which detects expired domains in webpage resources (such as external images, CSS, and JavaScript) while you browse. Once detected it alerts you to the details and offers multiple ways to verify that the domain is expired. These vulnerabilities often allow for hijacking of the vulnerable webpage.
Useful for penetration testers and auditors who wish to automatically identify these vulnerabilities passively while they browse.
Reason for various permissions requested by extension:
* webRequest: Required to hook the onErrorOcurred function in Chrome to detect when a resource load has resulted in a network error occurring (e.g. "net::ERR_NAME_NOT_RESOLVED").
* webRequestBlocking: Required to block and add headers for certain domain availability querying APIs (e.g. add Origin header).
* : Required because we have to be able to detect failed network loads for resources from any domain/URL. 拡張機能の基本情報
| 名前 |  PERS - The Passive Expired Resource Scanner |
| ID | jenkmpdppepcfhjpfgbgehfklnoopeei |
| 公式URL | https://chromewebstore.google.com/detail/pers-the-passive-expired/jenkmpdppepcfhjpfgbgehfklnoopeei |
| 説明 | A passive scanning tool for finding expired domain vulnerabilites while you browse. |
| ファイルサイズ | 695 KB |
| インストール数 | 103 |
| 現在のバージョン | 0.0.2 |
| 最終更新日 | 2016-10-09 |
| 公開日 | 2016-10-08 |
| 開発者 | https://thehackerblog.com |
| Eメール | [email protected] |
| 支払い方法 | free |
| 拡張機能のウェブサイト | https://thehackerblog.com |
| 対応言語 | en |
| manifest.json | |
{
"update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
"name": "PERS - The Passive Expired Resource Scanner",
"version": "0.0.2",
"manifest_version": 2,
"description": "A passive scanning tool for finding expired domain vulnerabilites while you browse.",
"homepage_url": "https:\/\/thehackerblog.com\/",
"content_security_policy": "default-src 'self' https:\/\/thehackerblog.com; style-src * https:\/\/fonts.googleapis.com; img-src *; font-src *; connect-src *;",
"icons": {
"16": "icons\/icon16.png",
"48": "icons\/icon48.png",
"128": "icons\/icon128.png"
},
"default_locale": "en",
"background": {
"page": "src\/bg\/background.html",
"persistent": true
},
"permissions": [
"webRequest",
"webRequestBlocking",
" | |
