![[FCO]FreeCoursesOnline](https://onehack.us/uploads/default/original/3X/b/4/b4d2fc8468becec1e9976784dba394e5a378ec81.jpg){kind=small}
These days people spend more time on the Internet than the offline world. It is okay to be in the online world but also it is our responsibility to make secure the applications we use to surf the Internet.
Many of you work on online platforms or surf the Internet for something and you add or download different extensions to your browsers to make your daily works easier. But have you ever analyzed or scanned the extensions you are using to make sure they do not collect sensitive information from your browser or do the suspicious activity?
There are a few people who do care about these things. But it is boring to analyze the extensions manually by reading the privacy policies and terms and conditions or reviews by other users or analyzing the source codes if you are given access to that.
There is a tool called ExtAnalysis which can sort out this problem. This tool is a browser extension framework. This tool analyzes every possible thing of the extensions you are using to give you in-depth and detailed information about them.
Features of ExtAnalysis
-
View basic Information about Name, Author, Description, and version
-
Manifest viewer
-
In-depth permission information
-
Extract Intels from the files which include: URLs and domains, IPV6 and IPV4 addresses, Bitcoin addresses, Email addresses, File comments, Base64 encoded strings.
-
View and Edit files. Supported file types- HTML, JSON, Javascript, CSS.
-
virus total scans for URLs, Domains and Files.
-
RetireJS vulnerability scan for Javascript files.
-
Network graph of all files and URLs.
-
Reconnaissance tools for extracted URLs- Whois scan, HTTP headers viewer, URL source viewer, GEO-IP location.
-
Fun stuff- Dark Mode, Inbuilt chiptune player.
How to Install ExtAnalysis on Kali Linux
Fire up your Kali Linux machine, open up the terminal, change the directory to Desktop and download or clone the tool from Github.
cd Desktop/
git clone https://github.com/Tuhinshubhra/ExtAnalysis.git
Now change the directory to ‘ExtAnalysis’ folder and expand it. Here you can see a python script named ’ extanalysis.py '. We need this script to launch the tool. Before we do that, we need to satisfy some requirements. Follow the commands.
cd ExtAnalysis/
ls
pip install -r requirements.txt
Now, all done.
How to Use it
Once you finish the installation, go to the ExtAnalysis folder and run the extanalysis.py script with the command- python3 extanalysis.py . This will automatically open up the tool in a new browser window.
Now download the extensions you want to use and analyze them. To see the help menu, simply type the command- python3 extanalysis.py --help .
Conclusion
Not so many people are aware of their browser security though they use them regularly for important works to do online. They do not analyze or check the extensions they use in their browser. This causes huge problems sometimes. Most commonly Data stealing.
The internet is full of greedy people and we must protect the applications we use to surf the internet.
happy learning fellas 