ciilcijdmepbaiocfaacfcmcnkdhjnag
Scanning website for vulnerable js libraries. Icon by studiomx Retire.js Security Scanner is a Chrome extension that helps you detect outdated and vulnerable JavaScript libraries running on websites. This tool uses the Retire.js vulnerability database and scanning engine to identify libraries like jQuery, AngularJS, React, and many others that are known to have security flaws. ### Features: - ✅ Passive scan of all visited websites - ✅ Checks for known vulnerabilities in JavaScript libraries - ✅ Works offline using a local copy of the Retire.js signature database - ✅ Minimal impact on browser performance This extension does **not collect or transmit** any user data. It runs entirely in your browser.
Bug Hunter Toolkit
Professional bug hunting and penetration testing toolkit with essential security tools 🧠 Bug Hunter Toolkit – The Ultimate Browser Toolkit for Security Professionals Bug Hunter Toolkit is a powerful Chrome extension that brings together essential penetration testing and bug bounty tools into one unified interface. Designed for security researchers and ethical hackers, it offers a sleek, terminal-inspired dashboard where you can access multiple web-based tools without switching tabs. Stay focused, work faster, and manage all your reconnaissance, scanning, and testing tools directly from your browser. 🧩 All-in-One Toolkit: Access multiple bug bounty and pentesting utilities — from recon to exploitation — in a single dashboard. 🖥️ Terminal-Inspired Interface: Minimal, hacker-style UI built for professionals who love a dark, efficient workspace. 🚀 Fast and Lightweight: Runs directly inside your browser with no setup or configuration needed. 🔐 Private & Secure: No personal data collection. Tools load directly in your browser environment. 📂 Organized Categories: Navigate easily through Recon, Exploitation, Post-Exploitation, and other tool groups. 🧰 Ideal For Red-team and blue-team professionals Install the Bug Hunter Toolkit extension. Open the dashboard from your browser. Launch your favorite tools directly from the interface. 💬 Why You’ll Love It Bug Hunter Toolkit gives you the speed and organization you need for professional testing. It keeps your entire workflow in one place — so you can focus on finding vulnerabilities, not managing tools. Simplify your workflow. Enhance your efficiency. Hunt smarter.
DotGit
An extension for checking if .git is exposed in visited websites An extension for checking if .git is exposed in visited websites - Check if a .git/.svn/.hg folder exists for each site you visit - Check if a .env file exists for each site you visit - Check if a .DS_Store file exists for each site you visit - Check if the site is open source (github/gitlab) - Check if the site has security.txt - You will be notified when a folder is found - List of exposed sites found - Download the entire .git folder in zip format, even if the files are not listed on the site - View .git/config with one click - Options for: colors, notifications and downloads Some checks are turned off by default, open the settings to turn them on Source code: https://github.com/davtur19/DotGit
Shodan
The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open. The Shodan plugin for Chrome automatically checks whether Shodan has any information for the current website. Is the website also running FTP, DNS, SSH or some unusual service? With this plugin you can see all the info that Shodan has collected on a given website/ domain.
JS Vulnerability Detector
JavaSript Vulnerability Detector is a result of my Master Thesis at Brno University of Technology, Faculty of Information technology, graduation year 2022. The extension aims to add security features to the end-users of various websites containing vulnerable JavaScript library code. The principle of extension is following: 1. After page loads the extension scans all the JavaScript contained on the page and sends it to background script for processing. 2. If the script contains a known vulnerability (initial version focuses mostly on jQuery), it is tracked and shown in the extension popup. After detection the vulnerable script can be blocked, patched or left as is and only tracked. All data is stored locally and can be cleared by a "Clear" button in the extension popup. There is no server communication going on, no data leaves the browser. Extension runs in 4 modes: 1. disabled - no action 2. analyze - standard analysis only mode - no patching or blocking of vulnerable scripts 3. bloc - vulnerable scripts are removed from website 4. repair - experimental, vulnerable scripts are patched if possible Currently it can detect vulnerable versions of jQuery (all up to 3.5.0) and repair them by updating them in runtime to 3.5.0 and couple more (around 30, including some of lodash, remarkjs, axios, handlebars and other vulnerabilities).
