技术笔记
2020-11-02
浏览器扩展分析框架-扫描,分析Chrome,firefox和Brave扩展中的漏洞和intel
With ExtAnalysis you can :
- Download & Analyze Extensions From:
- Chrome Web Store
- Firefox Addons
- Analyze Installed Extensions of:
- Google Chrome
- Mozilla Firefox
- Opera Browser (Coming Soon)
- Upload and Scan Extensions. Supported formats:
- .crx
- .xpi
- .zip
Features of ExtAnalysis :
- View Basic Informations:
- Name, Author, Description and Version
- Manifest Viewer
- In depth permission information
- Extract Intels from files which include:
- URLs and domains
- IPv6 and IPv4 addresses
- Bitcoin addresses
- Email addresses
- File comments
- Base64 encoded strings
- View and Edit files. Supported file types:
- html
- json
- JavaScript
- css
- VirusTotal Scans For:
- URLs
- Domains
- Files
- RetireJS Vulnerability scan for JavaScript files
- Network graph of all files and URLs
- Reconnaissance tools for extracted URLs:
- Whois Scan
- HTTP headers viewer
- URL Source viewer
- GEO-IP location
- Some Fun Stuffs that include:
- Dark Mode
- Inbuilt chiptune player (Jam on to some classic chiptune while ExtAnalysis does the work)
How do I install it?
Installing ExtAnalysis is simple! It runs on python3, so make sure python3 and python3-pip are installed and follow these steps:
$ git clone https://github.com/Tuhinshubhra/ExtAnalysis
$ cd ExtAnalysis
$ pip3 install -r requirements.txtInstall ExtAnalysis
kali@kali:~$ git clone https://github.com/Tuhinshubhra/ExtAnalysis.git
Cloning into 'ExtAnalysis'...
remote: Enumerating objects: 30, done.
remote: Counting objects: 100% (30/30), done.
remote: Compressing objects: 100% (23/23), done.
remote: Total 638 (delta 7), reused 15 (delta 6), pack-reused 608
Receiving objects: 100% (638/638), 10.28 MiB | 4.95 MiB/s, done.
Resolving deltas: 100% (221/221), done.We'll need to install the requirements.txt file to get ExtAnalysis working, so use pip3 install -r to get the job done. And that's it for the installation.
kali@kali:~/Vcy/ExtAnalysis$ pip3 install -r requirements.txt
Requirement already satisfied: flask in /usr/lib/python3/dist-packages (from -r requirements.txt (line 1)) (1.1.2)
Collecting python-whois
Downloading python-whois-0.7.3.tar.gz (91 kB)
|████████████████████████████████| 91 kB 5.0 kB/s
Collecting futures
Downloading futures-3.1.1-py3-none-any.whl (2.8 kB)
Requirement already satisfied: requests in /usr/lib/python3/dist-packages (from -r requirements.txt (line 4)) (2.24.0)
Requirement already satisfied: maxminddb in /usr/lib/python3/dist-packages (from -r requirements.txt (line 5)) (1.4.1)
Requirement already satisfied: Flask-WTF in /usr/lib/python3/dist-packages (from -r requirements.txt (line 6)) (0.14.3)
Requirement already satisfied: future in /usr/lib/python3/dist-packages (from python-whois->-r requirements.txt (line 2)) (0.18.2)
Building wheels for collected packages: python-whois
Building wheel for python-whois (setup.py) ... done
Created wheel for python-whois: filename=python_whois-0.7.3-py3-none-any.whl size=87701 sha256=fa4e29f05773967ca0021d511a96a7b2f3a9dc7619585021553a26d88d360d39
Stored in directory: /home/kali/.cache/pip/wheels/7d/0b/b2/50bf00862456cf788d83cb6525be163d8bf753ca7968d8d50d
Successfully built python-whois
Installing collected packages: python-whois, futures
Successfully installed futures-3.1.1 python-whois-0.7.3
Run ExtAnalysis
kali@kali:~/Vcy/ExtAnalysis$ python3 extanalysis.py
_____ _ _____ _ _
| __|_ _| |_| _ |___ ___| |_ _ ___|_|___
| __|_'_| _| | | .'| | | |_ -| |_ -|
|_____|_,_|_| |__|__|_|_|__,|_|_ |___|_|___|
=> Browser Extension Analysis |___| Framework
=> Version 1.0.4 By r3dhax0r
[i] Created empty reports file
[!] Virustotal api was not specified... Files won't be scanned
[i] Creating lab directory: /home/kali/Vcy/ExtAnalysis/lab
[~] Starting ExtAnalysis at: http://127.0.0.1:13337
* Serving Flask app "ExtAnalysis - Browser Extension Analysis Toolkit" (lazy loading)
* Environment: production
WARNING: This is a development server. Do not use it in a production deployment.
Use a production WSGI server instead.
* Debug mode: off
