CFList

HTTP Nowhere

This extension upgrades non-secure connections (HTTP) to secure (HTTPS). If the web site does not correctly support HTTPS, Chrome will refuse to connect (with the usual interstitial warning page). Thus, this extension will make it hard to view some web sites. For maximum safety, you should also turn on Chrome’s Secure DNS (DNS over HTTPS) feature. There is no way (yet?) for an extension to turn this on for you, so you have to do it manually. To do so, go to the dots menu → Settings → Security, and then scroll down to Use Secure DNS. Select a provider or fill in your own. (You can also get to this setting by navigating to the URL chrome://settings/security?search=dns.) HTTP Nowhere is designed to be as simple as possible, and has no functionality other than upgrading connections. This is easy to see in the very short and simple implementation. It needs no special permissions or access to the web pages you view. There is nothing to configure; HTTP Nowhere is either on or off.

Sekant Web Security

De-risk web browsing with embedded runtime intelligence 80% of user time is spent in the browser, which is why 44% of cyber attacks involve them. It's time to re-think the security of your browser. Sekant secures the browser using embedded runtime models to detect threats in real-time. It covers 4 major use-cases, with more in the works: 1) Phishing Detection 2) ClickFix Prevention 3) Unsafe Downloads Blocking 4) Shadow AI Monitoring Phishing Detection: 5 ML/AI models work together to generate a phishing verdict (Suspicious or Unsafe). The 5 models cover -- URL, Content, Reputation, Brand, Vision. The Vision model uses a deep-learning model, so the extension embeds a runtime engine for evaluating this models. Remediation options can be configured when suspicious or unsafe sites are identified, ranging from reporting to admin console, warning the user or blocking the page. Advanced users can click on the "Further Investigation" page to do a look up on threat intelligence sites. ClickFix Prevention: All clipboard copy & cut events are analyzes them for potential malicious Powershell / Shell scripts. If malicious scripts are detected, it will generate a detailed report in a new tab that explains the threat. Again, remediation options can be configured to just report or warn the user. Block Unsafe Downloads: An embedded rule engine (YARA compatible) scans critical sections of the file in real-time—canceling unsafe downloads before they ever touch the operating system. Admins can customize the rules utilized based on company policy or threat research (e.g. block executables/scripts from unfamiliar sites, block executables with two file extensions, block encrypted zip files etc). Shadow AI Monitoring: Usage of AI chatbot pages can be monitored, with the ability to log user prompts, data paste events and file uploads. Admins can customize remediation to just report or warn users when they paste data or upload files. An experimental feature also tries to detect new AI chatbot pages based on page behavior. Enterprise features: * Telemetry Collection: Sekant can be configured to send highly enriched, event telemetry (e.g. phishing site detected) to a backend server for monitoring and forensic purposes. * Fleet wide configuration: Sekant can be configured with common options across the fleet * Rule Customization: Sekant can be configured with custom download rules, using YARA-compatible rules for content scanning and enhanced Sekant context for metadata evaluation * Remediation Customization: Sekant can be configured with individual remediation options per risk type (do nothing / report / warn / block [some cases])

Browser Inspector

View cookies, session storage, and local storage for the current website Ever wondered what cookies, local storage, and session storage data a website is using? Browser Inspector makes it easy to inspect and analyze this data in real time, directly from your Chrome browser. Key Features: ✅ View Cookies – Instantly see all cookies set by the current website, including their values, expiration dates, and attributes. ✅ Inspect Local Storage & Session Storage – Easily access and analyze stored data for debugging, optimization, and compliance checks. ✅ No Data Collection – The extension runs locally, ensuring your privacy and security. ✅ Designed for Digital Analysts & Developers – Ideal for digital analysts, marketers, and developers who need to audit website storage mechanisms for tracking, personalization, and performance. ✅ One-Click Access – Simply open the extension to view all storage data in a clean, structured format. 📊 Whether you're a digital analyst optimizing marketing campaigns, a developer debugging storage usage, or just a privacy-conscious user, Browser Inspector is the perfect tool for you!

DNSRator

DNS record viewer and IP geolocation lookup extension. DNSRator is a user-friendly Google Chrome browser extension developed for web developers, cybersecurity professionals, and network administrators. This extension allows you to view the DNS (Domain Name System) records of the websites you visit directly through your browser, providing valuable insights. Quick and Easy Access: You no longer need external tools or command-line interfaces to access website DNS records. With a single click, you can instantly access all important DNS records (A, MX, CNAME, TXT, etc.). Security Analysis: When evaluating the trustworthiness of a website, DNS records (such as SPF, DKIM, DMARC) offer important clues. DNSRator allows you to easily examine these records, helping you to be more aware of potential phishing or email spoofing attempts. Education and Learning: For students and beginners who want to understand the DNS system, DNSRator provides a practical and visual learning tool. In summary, the DNSRator extension simplifies the daily workflows of web professionals, improves diagnostic and security analysis processes, and is a valuable tool for anyone interested in learning about DNS.