Please submit an extension above to begin

tarnish

The Chrome Extension Analyzer

Analyzing extension...

Your extension is in the queue to be analyzed, please wait...
(this may take a few minutes, grab a coffee for big extensions)

Pushing results to your browser...

Your extension has been analyzed! Results are now being pushed to your browser.
(this may take a few seconds depending on your connection speed)

Known Vulnerable Libraries ( 
retire.js
)

{{vulnerability.definition_name}} {{vulnerability.version}} Vulnerable Library

{{vulnerability.definition_name}} {{vulnerability.version}}

Location: /{{vulnerability.file_path}}
URI: chrome-extension://{{extension_id}}/{{vulnerability.file_path}}
Risk Rating: High Risk Rating: Medium Risk Rating: Low
Summary: {{vulnerability.vulnerability.identifiers.summary}}

CVE(s):

OSVDB ID(s):

  • {{osvdb}}

Further Information:

Extension Permission Warning(s)

Permission Install Warning Text Note(s)
{{permission.permission}} 
{{permission.warning_text}}

manifest.json

Policy Contents
{{report_data.manifest_text}}

Entry Point(s)

Filters
  • {{visible_entity_name}}
{{entrypoint.indicator.name}}

Description: 

{{entrypoint.context_block}}

Note: Line numbers are for "beautified extension". You can download this version via the menu on the left-side of the page..
Further Resource(s):
Location: /{{entrypoint.javascript_path}}
URI: chrome-extension://{{extension_id}}/{{entrypoint.javascript_path}}
Content Script Background Script Browser Action (Popup) Script
Content Script URI Match(es):
  • {{match_url_pattern}}
Included in the following HTML page(s):
  • chrome-extension://{{extension_id}}/{{html_page_path}} Web Accessible Navigation Blocked Background Page

Dangerous Function(s)

Filters
  • {{visible_entity_name}}
{{dangerousfunction.indicator.name}}

Description: 

{{dangerousfunction.context_block}}

Note: Line numbers are for "beautified extension". You can download this version via the menu on the left-side of the page..
Further Resource(s):
Location: /{{dangerousfunction.javascript_path}}
URI: chrome-extension://{{extension_id}}/{{dangerousfunction.javascript_path}}
Content Script Background Script Browser Action (Popup) Script
Content Script URI Match(es):
  • {{match_url_pattern}}
Included in the following HTML page(s):
  • chrome-extension://{{extension_id}}/{{html_page_path}} Web Accessible Navigation Blocked Background Page

Content Security Policy (CSP) Report

{{report_data.content_security_policy}}
{{csp_issue.name}}

Risk: {{csp_issue.risk.toUpperCase()}}
Description: {{csp_issue.description}}

Special thanks to Moloch for the Python CSP-Bypass library and the following folks for their CSP-bypass lists: Google's CSP Evaluator Core Library, GoSecure CSP Auditor, and Mozilla HTTP Observatory.

Extension Fingerprinting

Fingerprintable Resource(s)

List of fingerprintable extension URI(s):

  • chrome-extension://{{extension_id}}/{{web_accessible_resources_path}}

Fingerprinting JavaScript 
{{report_data.fingerprint_js}}
{{view_file_filename}} 
                      {{view_file_contents}}

Potentially Clickjackable Page(s)

Enumerated HTML Resources With web_accessible_resources Set

The following HTML pages were found to have the web_accessible_resources directive set. This directive allows for the iframing of these pages in external web pages. If any of these pages contain sensitive application UI, the UI could potentially be redressed to perform a clickjacking attack. Note that these results must be validated and are context specific.

  • chrome-extension://{{extension_id}}/{{html_page}}