Ie Tab
🔍 Security Report Available View on Chrome Web StoreChrome will indicate if you already have this installed.
Overview
IE Tab exactly emulates Internet Explorer, and enables you to load your web pages with different versions of IE (IE7 - IE11)
FULLY SUPPORTED IN WINDOWS 11 AND AFTER INTERNET EXPLORER IS REMOVED IN FEBRUARY 2023.
Please note that IE Tab for Windows does require the use of a separate executable, ietabhelper.exe. You can read more about that in the FAQ below.
-- FEATURES --
* Create a list of URLs that will automatically open in IE Tab
* Group Policy support for enterprise deployments
* Securely use the old IE rendering engine
* Edit Sharepoint documents instead of opening read-only
* Use Java, Silverlight, and ActiveX in Chrome seamlessly
-- FREQUENTLY ASKED QUESTIONS --
1. Why do I have to install ietabhelper.exe?
IE Tab uses the Internet Explorer rendering engine. This rendering engine can't be directly accessed from a Chrome extension, so we need a helper process to communicate between the Chrome extension and the rendering engine.
2. Did IE Tab always require this extra program?
No. Chrome used to support a technology called NPAPI (the Netscape Plugin API) which allowed extensions to access local computer resources. IE Tab used to use that functionality to access the Internet Explorer rendering engine. But Chrome removed NPAPI support, so we were forced to implement a new solution, and that solution requires a separate helper executable. From a technical standpoint, the only real change is that our code moved from an NPAPI .DLL file to a helper .EXE file.
3. Is the IE Tab Helper application safe?
Absolutely! IE Tab has always used native code, and we have always treated the security of our 2+ million users very seriously. So you can rest assured that this helper executable is secure and trustworthy.
4. I'm an enterprise customer, how do I deploy the IE Tab Helper automatically?
We have enterprise deployment options, please contact us at support@ietab.net for details.
The Privacy Policy for the IE Tab extension can be found here: http://www.ietab.net/privacy-policy
Tags
Privacy Practices
✓
Not being sold to third parties, outside of the approved use cases
✓
Not being used or transferred for purposes that are unrelated to the item's core functionality
✓
Not being used or transferred to determine creditworthiness or for lending purposes
Security Analysis — Ie Tab
Permissions
Code Patterns Detected
External Connections
Package Contents 132 files · 2.4MB
▾_locales3KB
▾en_US3KB
messages.json3KB
▾_metadata16KB
verified_contents.json16KB
▾css281KB
▾font-awesome23KB
font-awesome.min.css23KB
▾fonts55KB
fontawesome-webfont.woff255KB
addressbar.css2KB
foundation.css190KB
hostedstartpage.css2KB
iecontainer.css4KB
nativehostrequired.css564B
options.css3KB
▾images188KB
▾loading1KB
image1.gif179B
image2.gif177B
image3.gif178B
image4.gif177B
image5.gif178B
image6.gif178B
image7.gif176B
image8.gif178B
arrow.png900B
back.png390B
bk.gif252B
bookmark.png801B
chromeba.png1KB
chromeie128.png5KB
chromeie16.png770B
chromeie32.png2KB
chromeie48.png3KB
close.gif126B
close24.png1KB
default_favicon.ico1KB
download.png14KB
downloadhelper.png16KB
favorite.png766B
fwd.png383B
go.png674B
help.png3KB
help24.png2KB
inetoptions.png1KB
loader1.gif10KB
network.jpg67KB
noback.png620B
nofwd.png597B
openfile.png25KB
openmsi.png22KB
refresh.png474B
search-button.png656B
settings.png1KB
settings16.png793B
star.png690B
stepinto.png910B
weblogo_withtext.png4KB
▾js402KB
▾favicon2KB
favicon.js.license.txt1KB
favicon.min.js684B
addressbar.js3KB
api_request.js2KB
b64.js2KB
background.js50KB
background_proxy.js2KB
contextmenu.js2KB
cookies.js5KB
datacenter.js3KB
edgestart.js2KB
extapi_bp.js918B
extapi_cs.js3KB
extapi_wp.js3KB
f12debug.js381B
gatracking.js3KB
hostmessaging.js5KB
i18n.js120B
iecontainer.js73KBlarge
ietabapi_bp.js6KB
ietabapi_cs.js4KB
ietabapi_wp.js4KB
jquery.min.js87KBlarge
localoptions.js637B
mymodal.js1KB
nathost_manager.js17KB
nathost_messaging_cs.js3KB
nathost_port.js4KB
nativehostrequired.js1KB
nativehostrequired_msi.js894B
oldbookmarks.js3KB
oldcontainer.js708B
options.js31KB
portmv2.js533B
redir.js2KB
remhost_manager.js21KB
remhost_messaging.js2KB
remhost_proxy.js974B
rule_ranges.js193B
settings.js31KB
storage.js5KB
tunnel.js9KB
utils.js4KB
▾myrtille508KB
▾audio4KB
audiowebsocket.js4KB
▾display16KB
canvas.js7KB
divs.js6KB
terminaldiv.js3KB
▾network41KB
buffer.js5KB
longpolling.js3KB
websocket.js21KB
xmlhttp.js13KB
▾user41KB
keyboard.js13KB
mouse.js14KB
touchscreen.js14KB
▾xterm292KB
▾addons3KB
▾fit3KB
fit.js3KB
xterm.js289KBlarge
config.js17KB
dialog.js19KB
display.js18KB
myrtille.js17KB
network.js29KB
network_proxy.js3KB
user.js12KB
api_request.html1008B
chrome-too-old.html1KB
debug.htm85B
edgestartpage.html5KB
iecontainer.html93B
ietab_nm_manifest.json161B
ietabhelper.dat1008KB
license.txt137B
managed_schema.json8KB
manifest.json2KB
nativehostrequired.html4KB
nativehostrequired_msi.html4KB
nhc.htm17KB
options.html19KB
portmv2.html83B
redir.htm556B
thirdparty.txt2KB
u.htm89B
Here is the comprehensive security report in JSON format:
```json
{
"summary": "The IE Tab extension allows users to display web pages using Internet Explorer within Chrome, enabling support for Java, Silverlight, ActiveX, Sharepoint, and more. It solves the problem of accessing legacy websites that require Internet Explorer. This extension is suitable for users who need to access these specific types of websites in their browser.",
"permissions": [
{
"name": "tabs",
"user_explanation": "This permission allows the extension to interact with web pages and tabs within Chrome.",
"technical_note": "The extension uses the chrome.tabs API to manage tabs, which includes accessing tab metadata, creating new tabs, and switching between tabs. This permission also grants access to the browser's tab management system, potentially allowing for unauthorized tab manipulation or data exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "storage",
"user_explanation": "This permission allows the extension to store and retrieve data locally on your device.",
"technical_note": "The extension uses the chrome.storage API to store and retrieve data, which includes accessing local storage, syncing data across devices, and potentially storing sensitive user information. This permission also grants access to the browser's storage system, allowing for unauthorized data manipulation or exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "contextMenus",
"user_explanation": "This permission allows the extension to create custom context menu items within Chrome.",
"technical_note": "The extension uses the chrome.contextMenus API to create and manage custom context menu items, which includes accessing browser context menus, creating new menu items, and potentially manipulating user interactions. This permission also grants access to the browser's context menu system, allowing for unauthorized menu manipulation or data exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "webRequest",
"user_explanation": "This permission allows the extension to intercept and modify network requests within Chrome.",
"technical_note": "The extension uses the chrome.webRequest API to intercept and modify network requests, which includes accessing browser network traffic, creating new request handlers, and potentially manipulating user data. This permission also grants access to the browser's network system, allowing for unauthorized request manipulation or data exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "webRequestBlocking",
"user_explanation": "This permission allows the extension to block and modify network requests within Chrome.",
"technical_note": "The extension uses the chrome.webRequest API to block and modify network requests, which includes accessing browser network traffic, creating new request handlers, and potentially manipulating user data. This permission also grants access to the browser's network system, allowing for unauthorized request manipulation or data exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "nativeMessaging",
"user_explanation": "This permission allows the extension to communicate with native applications on your device.",
"technical_note": "The extension uses the chrome.nativeMessaging API to communicate with native applications, which includes accessing browser-native interfaces, creating new message handlers, and potentially manipulating user data. This permission also grants access to the browser's native messaging system, allowing for unauthorized data manipulation or exfiltration.",
"aligned": false,
"concern": true
},
{
"name": "<all_urls>",
"user_explanation": "This permission allows the extension to access all websites and web pages within Chrome.",
"technical_note": "The extension uses this permission to access all websites and web pages, which includes accessing browser network traffic, creating new request handlers, and potentially manipulating user data. This permission also grants access to the browser's network system, allowing for unauthorized request manipulation or data exfiltration.",
"aligned": false,
"concern": true
},
{
"name": "cookies",
"user_explanation": "This permission allows the extension to access and modify cookies within Chrome.",
"technical_note": "The extension uses the chrome.cookies API to access and modify cookies, which includes accessing browser cookie storage, creating new cookies, and potentially manipulating user data. This permission also grants access to the browser's cookie system, allowing for unauthorized cookie manipulation or exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "alarms",
"user_explanation": "This permission allows the extension to schedule and manage alarms within Chrome.",
"technical_note": "The extension uses the chrome.alarms API to schedule and manage alarms, which includes accessing browser alarm storage, creating new alarms, and potentially manipulating user data. This permission also grants access to the browser's alarm system, allowing for unauthorized alarm manipulation or exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "offscreen",
"user_explanation": "This permission allows the extension to create and manage off-screen windows within Chrome.",
"technical_note": "The extension uses the chrome.offscreen API to create and manage off-screen windows, which includes accessing browser window management, creating new windows, and potentially manipulating user data. This permission also grants access to the browser's window system, allowing for unauthorized window manipulation or exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "declarativeNetRequestWithHostAccess",
"user_explanation": "This permission allows the extension to manage and modify network requests within Chrome.",
"technical_note": "The extension uses this permission to manage and modify network requests, which includes accessing browser network traffic, creating new request handlers, and potentially manipulating user data. This permission also grants access to the browser's network system, allowing for unauthorized request manipulation or exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "downloads",
"user_explanation": "This permission allows the extension to manage and modify downloads within Chrome.",
"technical_note": "The extension uses the chrome.downloads API to manage and modify downloads, which includes accessing browser download storage, creating new downloads, and potentially manipulating user data. This permission also grants access to the browser's download system, allowing for unauthorized download manipulation or exfiltration.",
"aligned": true,
"concern": false
}
],
"data_exposure": {
"summary": "The extension accesses local storage, cookies, and network traffic within Chrome. It sends data to various domains, including www.apache.org, www.ietab.net, code.google.com, hub.ietab.net, stackoverflow.com, www.googleapis.com, securetoken.googleapis.com, mail.google.com, lping.ietab.net, issues.chromium.org, groups.google.com, and stijndewitt.com.",
"technical": {
"domains": [
"www.apache.org",
"www.ietab.net",
"code.google.com",
"hub.ietab.net",
"stackoverflow.com",
"www.googleapis.com",
"securetoken.googleapis.com",
"mail.google.com",
"lping.ietab.net",
"issues.chromium.org",
"groups.google.com",
"stijndewitt.com"
],
"protocols": ["http", "https"],
"encryption_status": "mixed (some requests are encrypted, others are not)",
"data_types": ["cookies", "tokens", "keystrokes", "page content"]
}
},
"findings": [
{
"title": "Eval() used — can execute arbitrary code",
"severity": "high",
"user_explanation": "The extension uses the eval() function to execute JavaScript code, which can potentially lead to code injection attacks.",
"technical_detail": "The extension uses eval() in various locations, including background scripts and content scripts. This allows for potential code injection attacks, where malicious code can be executed within the context of the browser.",
"legitimate_use": "Legitimate extensions may use eval() for legitimate purposes, such as parsing JSON data or executing user-provided JavaScript code.",
"concern": true
},
{
"title": "Loads external scripts in service worker",
"severity": "high",
"user_explanation": "The extension loads external scripts within its service worker, which can potentially lead to code injection attacks.",
"technical_detail": "The extension uses the fetch() API to load external scripts within its service worker. This allows for potential code injection attacks, where malicious code can be executed within the context of the browser.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as loading third-party libraries or services.",
"concern": true
},
{
"title": "innerHTML assignment — potential XSS vector",
"severity": "medium",
"user_explanation": "The extension uses innerHTML assignments within its content scripts, which can potentially lead to cross-site scripting (XSS) attacks.",
"technical_detail": "The extension uses innerHTML assignments in various locations, including content scripts and background scripts. This allows for potential XSS attacks, where malicious code can be injected into the browser's DOM.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as rendering HTML content or updating page layouts.",
"concern": false
},
{
"title": "String.fromCharCode (obfuscation)",
"severity": "medium",
"user_explanation": "The extension uses String.fromCharCode() to obfuscate code, which can potentially make it harder for security researchers to analyze the extension's behavior.",
"technical_detail": "The extension uses String.fromCharCode() in various locations, including background scripts and content scripts. This allows for potential code obfuscation, making it harder for security researchers to analyze the extension's behavior.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as encoding data or generating random numbers.",
"concern": false
},
{
"title": "Makes XHR requests",
"severity": "info",
"user_explanation": "The extension makes XMLHttpRequests to various domains, which can potentially lead to data exfiltration attacks.",
"technical_detail": "The extension uses the XMLHttpRequest API to make requests to various domains. This allows for potential data exfiltration attacks, where sensitive user data can be sent to unauthorized parties.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as loading third-party services or sending analytics data.",
"concern": false
},
{
"title": "Uses Fetch API",
"severity": "info",
"user_explanation": "The extension uses the Fetch API to make requests to various domains, which can potentially lead to data exfiltration attacks.",
"technical_detail": "The extension uses the Fetch API to make requests to various domains. This allows for potential data exfiltration attacks, where sensitive user data can be sent to unauthorized parties.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as loading third-party services or sending analytics data.",
"concern": false
},
{
"title": "Opens WebSocket connections",
"severity": "medium",
"user_explanation": "The extension opens WebSocket connections to various domains, which can potentially lead to data exfiltration attacks.",
"technical_detail": "The extension uses the WebSocket API to open connections to various domains. This allows for potential data exfiltration attacks, where sensitive user data can be sent to unauthorized parties.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as real-time communication or live updates.",
"concern": false
},
{
"title": "Captures keystrokes",
"severity": "critical",
"user_explanation": "The extension captures keystrokes within Chrome, which can potentially lead to keylogging attacks.",
"technical_detail": "The extension uses the chrome.input API to capture keystrokes. This allows for potential keylogging attacks, where sensitive user data can be sent to unauthorized parties.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as password management or text input assistance.",
"concern": true
},
{
"title": "Uses native messaging",
"severity": "high",
"user_explanation": "The extension uses native messaging to communicate with native applications on the user's device, which can potentially lead to data exfiltration attacks.",
"technical_detail": "The extension uses the chrome.nativeMessaging API to communicate with native applications. This allows for potential data exfiltration attacks, where sensitive user data can be sent to unauthorized parties.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as integrating with native services or loading third-party libraries.",
"concern": true
}
],
"recommendations": [
{
"title": "Review and update the extension's permissions",
"description": "The extension requests excessive permissions, including access to all websites and web pages. Review and update the extension's permissions to only request necessary permissions.",
"severity": "high"
},
{
"title": "Fix code injection vulnerabilities",
"description": "The extension uses eval() and loads external scripts within its service worker, which can potentially lead to code injection attacks. Fix these vulnerabilities by using safer alternatives or implementing proper input validation.",
"severity": "high"
},
{
"title": "Update the extension's content security policy",
"description": "The extension uses innerHTML assignments and String.fromCharCode() to obfuscate code, which can potentially make it harder for security researchers to analyze the extension's behavior. Update the extension's content security policy to prevent these behaviors.",
"severity": "medium"
},
{
"title": "Implement proper input validation",
"description": "The extension makes XMLHttpRequests and uses the Fetch API to load external scripts, which can potentially lead to data exfiltration attacks. Implement proper input validation to prevent these attacks.",
"severity": "info"
}
]
}
```json
{
"summary": "The IE Tab extension allows users to display web pages using Internet Explorer within Chrome, enabling support for Java, Silverlight, ActiveX, Sharepoint, and more. It solves the problem of accessing legacy websites that require Internet Explorer. This extension is suitable for users who need to access these specific types of websites in their browser.",
"permissions": [
{
"name": "tabs",
"user_explanation": "This permission allows the extension to interact with web pages and tabs within Chrome.",
"technical_note": "The extension uses the chrome.tabs API to manage tabs, which includes accessing tab metadata, creating new tabs, and switching between tabs. This permission also grants access to the browser's tab management system, potentially allowing for unauthorized tab manipulation or data exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "storage",
"user_explanation": "This permission allows the extension to store and retrieve data locally on your device.",
"technical_note": "The extension uses the chrome.storage API to store and retrieve data, which includes accessing local storage, syncing data across devices, and potentially storing sensitive user information. This permission also grants access to the browser's storage system, allowing for unauthorized data manipulation or exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "contextMenus",
"user_explanation": "This permission allows the extension to create custom context menu items within Chrome.",
"technical_note": "The extension uses the chrome.contextMenus API to create and manage custom context menu items, which includes accessing browser context menus, creating new menu items, and potentially manipulating user interactions. This permission also grants access to the browser's context menu system, allowing for unauthorized menu manipulation or data exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "webRequest",
"user_explanation": "This permission allows the extension to intercept and modify network requests within Chrome.",
"technical_note": "The extension uses the chrome.webRequest API to intercept and modify network requests, which includes accessing browser network traffic, creating new request handlers, and potentially manipulating user data. This permission also grants access to the browser's network system, allowing for unauthorized request manipulation or data exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "webRequestBlocking",
"user_explanation": "This permission allows the extension to block and modify network requests within Chrome.",
"technical_note": "The extension uses the chrome.webRequest API to block and modify network requests, which includes accessing browser network traffic, creating new request handlers, and potentially manipulating user data. This permission also grants access to the browser's network system, allowing for unauthorized request manipulation or data exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "nativeMessaging",
"user_explanation": "This permission allows the extension to communicate with native applications on your device.",
"technical_note": "The extension uses the chrome.nativeMessaging API to communicate with native applications, which includes accessing browser-native interfaces, creating new message handlers, and potentially manipulating user data. This permission also grants access to the browser's native messaging system, allowing for unauthorized data manipulation or exfiltration.",
"aligned": false,
"concern": true
},
{
"name": "<all_urls>",
"user_explanation": "This permission allows the extension to access all websites and web pages within Chrome.",
"technical_note": "The extension uses this permission to access all websites and web pages, which includes accessing browser network traffic, creating new request handlers, and potentially manipulating user data. This permission also grants access to the browser's network system, allowing for unauthorized request manipulation or data exfiltration.",
"aligned": false,
"concern": true
},
{
"name": "cookies",
"user_explanation": "This permission allows the extension to access and modify cookies within Chrome.",
"technical_note": "The extension uses the chrome.cookies API to access and modify cookies, which includes accessing browser cookie storage, creating new cookies, and potentially manipulating user data. This permission also grants access to the browser's cookie system, allowing for unauthorized cookie manipulation or exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "alarms",
"user_explanation": "This permission allows the extension to schedule and manage alarms within Chrome.",
"technical_note": "The extension uses the chrome.alarms API to schedule and manage alarms, which includes accessing browser alarm storage, creating new alarms, and potentially manipulating user data. This permission also grants access to the browser's alarm system, allowing for unauthorized alarm manipulation or exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "offscreen",
"user_explanation": "This permission allows the extension to create and manage off-screen windows within Chrome.",
"technical_note": "The extension uses the chrome.offscreen API to create and manage off-screen windows, which includes accessing browser window management, creating new windows, and potentially manipulating user data. This permission also grants access to the browser's window system, allowing for unauthorized window manipulation or exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "declarativeNetRequestWithHostAccess",
"user_explanation": "This permission allows the extension to manage and modify network requests within Chrome.",
"technical_note": "The extension uses this permission to manage and modify network requests, which includes accessing browser network traffic, creating new request handlers, and potentially manipulating user data. This permission also grants access to the browser's network system, allowing for unauthorized request manipulation or exfiltration.",
"aligned": true,
"concern": false
},
{
"name": "downloads",
"user_explanation": "This permission allows the extension to manage and modify downloads within Chrome.",
"technical_note": "The extension uses the chrome.downloads API to manage and modify downloads, which includes accessing browser download storage, creating new downloads, and potentially manipulating user data. This permission also grants access to the browser's download system, allowing for unauthorized download manipulation or exfiltration.",
"aligned": true,
"concern": false
}
],
"data_exposure": {
"summary": "The extension accesses local storage, cookies, and network traffic within Chrome. It sends data to various domains, including www.apache.org, www.ietab.net, code.google.com, hub.ietab.net, stackoverflow.com, www.googleapis.com, securetoken.googleapis.com, mail.google.com, lping.ietab.net, issues.chromium.org, groups.google.com, and stijndewitt.com.",
"technical": {
"domains": [
"www.apache.org",
"www.ietab.net",
"code.google.com",
"hub.ietab.net",
"stackoverflow.com",
"www.googleapis.com",
"securetoken.googleapis.com",
"mail.google.com",
"lping.ietab.net",
"issues.chromium.org",
"groups.google.com",
"stijndewitt.com"
],
"protocols": ["http", "https"],
"encryption_status": "mixed (some requests are encrypted, others are not)",
"data_types": ["cookies", "tokens", "keystrokes", "page content"]
}
},
"findings": [
{
"title": "Eval() used — can execute arbitrary code",
"severity": "high",
"user_explanation": "The extension uses the eval() function to execute JavaScript code, which can potentially lead to code injection attacks.",
"technical_detail": "The extension uses eval() in various locations, including background scripts and content scripts. This allows for potential code injection attacks, where malicious code can be executed within the context of the browser.",
"legitimate_use": "Legitimate extensions may use eval() for legitimate purposes, such as parsing JSON data or executing user-provided JavaScript code.",
"concern": true
},
{
"title": "Loads external scripts in service worker",
"severity": "high",
"user_explanation": "The extension loads external scripts within its service worker, which can potentially lead to code injection attacks.",
"technical_detail": "The extension uses the fetch() API to load external scripts within its service worker. This allows for potential code injection attacks, where malicious code can be executed within the context of the browser.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as loading third-party libraries or services.",
"concern": true
},
{
"title": "innerHTML assignment — potential XSS vector",
"severity": "medium",
"user_explanation": "The extension uses innerHTML assignments within its content scripts, which can potentially lead to cross-site scripting (XSS) attacks.",
"technical_detail": "The extension uses innerHTML assignments in various locations, including content scripts and background scripts. This allows for potential XSS attacks, where malicious code can be injected into the browser's DOM.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as rendering HTML content or updating page layouts.",
"concern": false
},
{
"title": "String.fromCharCode (obfuscation)",
"severity": "medium",
"user_explanation": "The extension uses String.fromCharCode() to obfuscate code, which can potentially make it harder for security researchers to analyze the extension's behavior.",
"technical_detail": "The extension uses String.fromCharCode() in various locations, including background scripts and content scripts. This allows for potential code obfuscation, making it harder for security researchers to analyze the extension's behavior.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as encoding data or generating random numbers.",
"concern": false
},
{
"title": "Makes XHR requests",
"severity": "info",
"user_explanation": "The extension makes XMLHttpRequests to various domains, which can potentially lead to data exfiltration attacks.",
"technical_detail": "The extension uses the XMLHttpRequest API to make requests to various domains. This allows for potential data exfiltration attacks, where sensitive user data can be sent to unauthorized parties.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as loading third-party services or sending analytics data.",
"concern": false
},
{
"title": "Uses Fetch API",
"severity": "info",
"user_explanation": "The extension uses the Fetch API to make requests to various domains, which can potentially lead to data exfiltration attacks.",
"technical_detail": "The extension uses the Fetch API to make requests to various domains. This allows for potential data exfiltration attacks, where sensitive user data can be sent to unauthorized parties.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as loading third-party services or sending analytics data.",
"concern": false
},
{
"title": "Opens WebSocket connections",
"severity": "medium",
"user_explanation": "The extension opens WebSocket connections to various domains, which can potentially lead to data exfiltration attacks.",
"technical_detail": "The extension uses the WebSocket API to open connections to various domains. This allows for potential data exfiltration attacks, where sensitive user data can be sent to unauthorized parties.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as real-time communication or live updates.",
"concern": false
},
{
"title": "Captures keystrokes",
"severity": "critical",
"user_explanation": "The extension captures keystrokes within Chrome, which can potentially lead to keylogging attacks.",
"technical_detail": "The extension uses the chrome.input API to capture keystrokes. This allows for potential keylogging attacks, where sensitive user data can be sent to unauthorized parties.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as password management or text input assistance.",
"concern": true
},
{
"title": "Uses native messaging",
"severity": "high",
"user_explanation": "The extension uses native messaging to communicate with native applications on the user's device, which can potentially lead to data exfiltration attacks.",
"technical_detail": "The extension uses the chrome.nativeMessaging API to communicate with native applications. This allows for potential data exfiltration attacks, where sensitive user data can be sent to unauthorized parties.",
"legitimate_use": "Legitimate extensions may use this feature for legitimate purposes, such as integrating with native services or loading third-party libraries.",
"concern": true
}
],
"recommendations": [
{
"title": "Review and update the extension's permissions",
"description": "The extension requests excessive permissions, including access to all websites and web pages. Review and update the extension's permissions to only request necessary permissions.",
"severity": "high"
},
{
"title": "Fix code injection vulnerabilities",
"description": "The extension uses eval() and loads external scripts within its service worker, which can potentially lead to code injection attacks. Fix these vulnerabilities by using safer alternatives or implementing proper input validation.",
"severity": "high"
},
{
"title": "Update the extension's content security policy",
"description": "The extension uses innerHTML assignments and String.fromCharCode() to obfuscate code, which can potentially make it harder for security researchers to analyze the extension's behavior. Update the extension's content security policy to prevent these behaviors.",
"severity": "medium"
},
{
"title": "Implement proper input validation",
"description": "The extension makes XMLHttpRequests and uses the Fetch API to load external scripts, which can potentially lead to data exfiltration attacks. Implement proper input validation to prevent these attacks.",
"severity": "info"
}
]
}
Similar Extensions
More in Productivity/tools →
Easy-to-use PDF tools to view, edit, convert, fill, e-sign PDF files, and more in your browser.
Save references to Zotero from your web browser
Browsec VPN is a Chrome VPN extension that protects your IP from Internet threats and lets you browse privately for free…