javasript vulnerability detector is a result of my Master Thesis at Brno University of Technology, Faculty of Information….
JavaSript Vulnerability Detector is a result of my Master Thesis at Brno University of Technology, Faculty of information technology, graduation year 2022. The extension aims to add security features to the end-users of various websites containing vulnerable javascript library code. The principle of extension is following:
1. After page loads the extension scans all the javascript contained on the page and sends it to background script for processing.
2. If the script contains a known vulnerability (initial version focuses mostly on jQuery), it is tracked and shown in the extension popup. After detection the vulnerable script can be blocked, patched or left as is and only tracked.
All data is stored locally and can be cleared by a "Clear" button in the extension popup. There is no server communication going on, no data leaves the browser.
Extension runs in 4 modes:
1. disabled - no action
2. analyze - standard analysis only mode - no patching or blocking of vulnerable scripts
3. bloc - vulnerable scripts are removed from website
4. repair - experimental, vulnerable scripts are patched if possible
Currently it can detect vulnerable versions of jQuery (all up to 3.5.0) and repair them by updating them in runtime to 3.5.0 and couple more (around 30, including some of lodash, remarkjs, axios, handlebars and other vulnerabilities).
Source codes are open, available at https://github.com/xrandy00/mt_2022
You can Follow the below Step By Step procedure to install the JS Vulnerability Detector Chrome Extension to your Chrome Web browser.
It is the JS Vulnerability Detector Chrome extension download link you can download and install Chrome Browser.
Tags: Add Security Features , Javasript Vulnerability Detector , Background Script , Extension Popup , Master Thesis , Vulnerable Javascript , Various Websites , Graduation Year , Library Code , Vulnerable Script , Brno University , Vulnerable Scripts , Remarkjs Axios ,
Chrome extension to check for the 'Shellshock' CVE-2014-6271 & CVE-2014-7169 vulnerability.
Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!
See all Dependabot alerts for one or more Github organizations.
Boost your user profile with the #be browser detector.
Language Detector and Convertor
Der Fake-Shop Detector schützt Sie vor Fake-Shops und Markenfälschern!
Test de betrouwbaarheid van een website met twee drukken op de knop. Voorkom internetoplichting.
Allows the user to get information from Contrast conveniently in a Chrome extension
Search websites for git repos, exposed config files, and more as you browse.
IP Detector shows your current IP address and displays your location on the map.