技术笔记

浏览器扩展分析框架-扫描,分析Chrome,firefox和Brave扩展中的漏洞和intel

With ExtAnalysis you can :

  • Download & Analyze Extensions From:
    • Chrome Web Store
    • Firefox Addons
  • Analyze Installed Extensions of:
    • Google Chrome
    • Mozilla Firefox
    • Opera Browser (Coming Soon)
  • Upload and Scan Extensions. Supported formats:
    • .crx
    • .xpi
    • .zip

Features of ExtAnalysis :

  • View Basic Informations:
    • Name, Author, Description and Version
  • Manifest Viewer
  • In depth permission information
  • Extract Intels from files which include:
    • URLs and domains
    • IPv6 and IPv4 addresses
    • Bitcoin addresses
    • Email addresses
    • File comments
    • Base64 encoded strings
  • View and Edit files. Supported file types:
    • html
    • json
    • JavaScript
    • css
  • VirusTotal Scans For:
    • URLs
    • Domains
    • Files
  • RetireJS Vulnerability scan for JavaScript files
  • Network graph of all files and URLs
  • Reconnaissance tools for extracted URLs:
    • Whois Scan
    • HTTP headers viewer
    • URL Source viewer
    • GEO-IP location
  • Some Fun Stuffs that include:
    • Dark Mode
    • Inbuilt chiptune player (Jam on to some classic chiptune while ExtAnalysis does the work)

How do I install it?

Installing ExtAnalysis is simple! It runs on python3, so make sure python3 and python3-pip are installed and follow these steps:

$ git clone https://github.com/Tuhinshubhra/ExtAnalysis

$ cd ExtAnalysis

$ pip3 install -r requirements.txt

Install ExtAnalysis

kali@kali:~$ git clone https://github.com/Tuhinshubhra/ExtAnalysis.git

Cloning into 'ExtAnalysis'...
remote: Enumerating objects: 30, done.
remote: Counting objects: 100% (30/30), done.
remote: Compressing objects: 100% (23/23), done.
remote: Total 638 (delta 7), reused 15 (delta 6), pack-reused 608
Receiving objects: 100% (638/638), 10.28 MiB | 4.95 MiB/s, done.
Resolving deltas: 100% (221/221), done.

We'll need to install the requirements.txt file to get ExtAnalysis working, so use pip3 install -r to get the job done. And that's it for the installation.

kali@kali:~/Vcy/ExtAnalysis$ pip3 install -r requirements.txt
Requirement already satisfied: flask in /usr/lib/python3/dist-packages (from -r requirements.txt (line 1)) (1.1.2)
Collecting python-whois
  Downloading python-whois-0.7.3.tar.gz (91 kB)
     |████████████████████████████████| 91 kB 5.0 kB/s 
Collecting futures
  Downloading futures-3.1.1-py3-none-any.whl (2.8 kB)
Requirement already satisfied: requests in /usr/lib/python3/dist-packages (from -r requirements.txt (line 4)) (2.24.0)
Requirement already satisfied: maxminddb in /usr/lib/python3/dist-packages (from -r requirements.txt (line 5)) (1.4.1)
Requirement already satisfied: Flask-WTF in /usr/lib/python3/dist-packages (from -r requirements.txt (line 6)) (0.14.3)
Requirement already satisfied: future in /usr/lib/python3/dist-packages (from python-whois->-r requirements.txt (line 2)) (0.18.2)
Building wheels for collected packages: python-whois
  Building wheel for python-whois (setup.py) ... done
  Created wheel for python-whois: filename=python_whois-0.7.3-py3-none-any.whl size=87701 sha256=fa4e29f05773967ca0021d511a96a7b2f3a9dc7619585021553a26d88d360d39
  Stored in directory: /home/kali/.cache/pip/wheels/7d/0b/b2/50bf00862456cf788d83cb6525be163d8bf753ca7968d8d50d
Successfully built python-whois
Installing collected packages: python-whois, futures
Successfully installed futures-3.1.1 python-whois-0.7.3

Run ExtAnalysis

kali@kali:~/Vcy/ExtAnalysis$ python3 extanalysis.py

     _____     _   _____         _         _
    |   __|_ _| |_|  _  |___ ___| |_ _ ___|_|___
    |   __|_'_|  _|     |   | .'| | | |_ -| |_ -|
    |_____|_,_|_| |__|__|_|_|__,|_|_  |___|_|___|
    => Browser Extension Analysis |___| Framework
    => Version 1.0.4 By r3dhax0r

    
[i] Created empty reports file
[!] Virustotal api was not specified... Files won't be scanned
[i] Creating lab directory: /home/kali/Vcy/ExtAnalysis/lab

[~] Starting ExtAnalysis at: http://127.0.0.1:13337 


 * Serving Flask app "ExtAnalysis - Browser Extension Analysis Toolkit" (lazy loading)
 * Environment: production
   WARNING: This is a development server. Do not use it in a production deployment.
   Use a production WSGI server instead.
 * Debug mode: off

admin
我还没有学会写个人说明!
查看“admin”的所有文章 →

发表评论

电子邮件地址不会被公开。 必填项已用*标注

相关推荐