JS Vulnerability Detector

JavaSript Vulnerability Detector is a result of my Master Thesis at Brno University of Technology, Faculty of Information…

什麼是JS Vulnerability Detector?

JS Vulnerability Detector是由randysekvojta開發的Chrome擴展程式,該擴展的主要功能是“JavaSript Vulnerability Detector is a result of my Master Thesis at Brno University of Technology, Faculty of Information…”。

擴展截圖

screenshot
screenshot

下載JS Vulnerability Detector擴展crx文件

下載JS Vulnerability Detector擴展crx格式的文件,手動將Chrome擴充功能安裝到瀏覽器中,也可以將crx文件分享給朋友,輕鬆安裝Chrome擴充功能。

擴展使用說明

                        JavaSript Vulnerability Detector is a result of my Master Thesis at Brno University of Technology, Faculty of Information technology, graduation year 2022. The extension aims to add security features to the end-users of various websites containing vulnerable JavaScript library code. The principle of extension is following:

1. After page loads the extension scans all the JavaScript contained on the page and sends it to background script for processing.
2. If the script contains a known vulnerability (initial version focuses mostly on jQuery),  it is tracked and shown in the extension popup. After detection the vulnerable script can be blocked, patched or left as is and only tracked.

All data is stored locally and can be cleared by a "Clear" button in the extension popup. There is no server communication going on, no data leaves the browser.

Extension runs in 4 modes:
1. disabled - no action
2. analyze - standard analysis only mode - no patching or blocking of vulnerable scripts
3. bloc - vulnerable scripts are removed from website
4. repair - experimental, vulnerable scripts are patched if possible

Currently it can detect vulnerable versions of jQuery (all up to 3.5.0) and repair them by updating them in runtime to 3.5.0 and couple more (around 30, including some of lodash, remarkjs, axios, handlebars and other vulnerabilities).

Source codes are open, available at https://github.com/xrandy00/mt_2022                    

擴展基本資訊

名稱 JS Vulnerability Detector JS Vulnerability Detector
ID bmcojnncgfmglejiinbdnahmkmbgifhk
官方網址 https://chromewebstore.google.com/detail/js-vulnerability-detector/bmcojnncgfmglejiinbdnahmkmbgifhk
簡介 JavaSript Vulnerability Detector is a result of my Master Thesis at Brno University of Technology, Faculty of Information…
檔案大小 459 KB
安裝次數 246
目前版本 1.0.0
更新時間 2022-12-13
上架時間 2022-04-19
評分 5.00/5 共 1 次評分
開發者 randysekvojta
電子郵箱 [email protected]
付費類型 free
擴展官網 https://github.com/xrandy00/mt_2022
說明頁面URL https://github.com/xrandy00/mt_2022
支援的語言 en
manifest.json
{
    "update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
    "name": "__MSG_appName__",
    "short_name": "__MSG_appShortName__",
    "description": "__MSG_appDescription__",
    "homepage_url": "http:\/\/chrome.google.com\/webstore",
    "version": "1.0.0",
    "version_name": "1.0.0",
    "manifest_version": 3,
    "default_locale": "en",
    "minimum_chrome_version": "88",
    "action": {
        "default_icon": "assets\/icon.png",
        "default_popup": "popup.html",
        "default_title": "__MSG_appName__"
    },
    "icons": {
        "144": "assets\/icon.png"
    },
    "host_permissions": [
        ""
    ],
    "permissions": [
        "storage"
    ],
    "web_accessible_resources": [
        {
            "resources": [
                "evaluate.js",
                "popup.js"
            ],
            "matches": [
                ""
            ]
        }
    ],
    "content_scripts": [
        {
            "matches": [
                ""
            ],
            "run_at": "document_start",
            "all_frames": true,
            "js": [
                "content_script.js"
            ]
        }
    ],
    "background": {
        "service_worker": "background.js"
    }
}