PERS - The Passive Expired Resource Scanner
A passive scanning tool for finding expired domain vulnerabilites while you browse.
什麼是PERS - The Passive Expired Resource Scanner?
PERS - The Passive Expired Resource Scanner是由https://thehackerblog.com開發的Chrome擴展程式,該擴展的主要功能是“A passive scanning tool for finding expired domain vulnerabilites while you browse.”。
擴展截圖
下載PERS - The Passive Expired Resource Scanner擴展crx文件
下載PERS - The Passive Expired Resource Scanner擴展crx格式的文件,手動將Chrome擴充功能安裝到瀏覽器中,也可以將crx文件分享給朋友,輕鬆安裝Chrome擴充功能。
擴展使用說明
A Chrome extension which detects expired domains in webpage resources (such as external images, CSS, and JavaScript) while you browse. Once detected it alerts you to the details and offers multiple ways to verify that the domain is expired. These vulnerabilities often allow for hijacking of the vulnerable webpage.
Useful for penetration testers and auditors who wish to automatically identify these vulnerabilities passively while they browse.
Reason for various permissions requested by extension:
* webRequest: Required to hook the onErrorOcurred function in Chrome to detect when a resource load has resulted in a network error occurring (e.g. "net::ERR_NAME_NOT_RESOLVED").
* webRequestBlocking: Required to block and add headers for certain domain availability querying APIs (e.g. add Origin header).
* : Required because we have to be able to detect failed network loads for resources from any domain/URL. 擴展基本資訊
| 名稱 |  PERS - The Passive Expired Resource Scanner |
| ID | jenkmpdppepcfhjpfgbgehfklnoopeei |
| 官方網址 | https://chromewebstore.google.com/detail/pers-the-passive-expired/jenkmpdppepcfhjpfgbgehfklnoopeei |
| 簡介 | A passive scanning tool for finding expired domain vulnerabilites while you browse. |
| 檔案大小 | 695 KB |
| 安裝次數 | 103 |
| 目前版本 | 0.0.2 |
| 更新時間 | 2016-10-09 |
| 上架時間 | 2016-10-08 |
| 開發者 | https://thehackerblog.com |
| 電子郵箱 | [email protected] |
| 付費類型 | free |
| 擴展官網 | https://thehackerblog.com |
| 支援的語言 | en |
| manifest.json | |
{
"update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
"name": "PERS - The Passive Expired Resource Scanner",
"version": "0.0.2",
"manifest_version": 2,
"description": "A passive scanning tool for finding expired domain vulnerabilites while you browse.",
"homepage_url": "https:\/\/thehackerblog.com\/",
"content_security_policy": "default-src 'self' https:\/\/thehackerblog.com; style-src * https:\/\/fonts.googleapis.com; img-src *; font-src *; connect-src *;",
"icons": {
"16": "icons\/icon16.png",
"48": "icons\/icon48.png",
"128": "icons\/icon128.png"
},
"default_locale": "en",
"background": {
"page": "src\/bg\/background.html",
"persistent": true
},
"permissions": [
"webRequest",
"webRequestBlocking",
" | |
