PERS - The Passive Expired Resource Scanner
A passive scanning tool for finding expired domain vulnerabilites while you browse.
什么是PERS - The Passive Expired Resource Scanner?
PERS - The Passive Expired Resource Scanner是由https://thehackerblog.com开发的Chrome扩展程序,该扩展的主要功能是“A passive scanning tool for finding expired domain vulnerabilites while you browse.”。
扩展截图
下载PERS - The Passive Expired Resource Scanner扩展crx文件
下载PERS - The Passive Expired Resource Scanner扩展crx格式的文件,手动将Chrome插件安装到浏览器中,也可以将crx文件分享给朋友,轻松安装Chrome插件。
扩展使用说明
A Chrome extension which detects expired domains in webpage resources (such as external images, CSS, and JavaScript) while you browse. Once detected it alerts you to the details and offers multiple ways to verify that the domain is expired. These vulnerabilities often allow for hijacking of the vulnerable webpage.
Useful for penetration testers and auditors who wish to automatically identify these vulnerabilities passively while they browse.
Reason for various permissions requested by extension:
* webRequest: Required to hook the onErrorOcurred function in Chrome to detect when a resource load has resulted in a network error occurring (e.g. "net::ERR_NAME_NOT_RESOLVED").
* webRequestBlocking: Required to block and add headers for certain domain availability querying APIs (e.g. add Origin header).
* : Required because we have to be able to detect failed network loads for resources from any domain/URL. 扩展基本信息
| 名称 |  PERS - The Passive Expired Resource Scanner |
| ID | jenkmpdppepcfhjpfgbgehfklnoopeei |
| 官方URL | https://chromewebstore.google.com/detail/pers-the-passive-expired/jenkmpdppepcfhjpfgbgehfklnoopeei |
| 简介 | A passive scanning tool for finding expired domain vulnerabilites while you browse. |
| 文件大小 | 695 KB |
| 安装次数 | 103 |
| 当前版本 | 0.0.2 |
| 更新时间 | 2016-10-09 |
| 上架时间 | 2016-10-08 |
| 开发者 | https://thehackerblog.com |
| 电子邮箱 | [email protected] |
| 付费类型 | free |
| 扩展官网 | https://thehackerblog.com |
| 支持的语言 | en |
| manifest.json | |
{
"update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
"name": "PERS - The Passive Expired Resource Scanner",
"version": "0.0.2",
"manifest_version": 2,
"description": "A passive scanning tool for finding expired domain vulnerabilites while you browse.",
"homepage_url": "https:\/\/thehackerblog.com\/",
"content_security_policy": "default-src 'self' https:\/\/thehackerblog.com; style-src * https:\/\/fonts.googleapis.com; img-src *; font-src *; connect-src *;",
"icons": {
"16": "icons\/icon16.png",
"48": "icons\/icon48.png",
"128": "icons\/icon128.png"
},
"default_locale": "en",
"background": {
"page": "src\/bg\/background.html",
"persistent": true
},
"permissions": [
"webRequest",
"webRequestBlocking",
" | |
