mefiifjaoonlidppjkhhchohdgpbbfhn
Block XSS, SQL injection, and trackers with real-time analytics. Privacy-first local-only protection for secure browsing. PROTECT YOUR BROWSING WITH ENTERPRISE-GRADE SECURITY Web Firewall Extension brings professional-grade web security to your browser, protecting you from XSS attacks, SQL injection, malicious scripts, and invasive tracking—all while respecting your privacy with 100% local-only processing. Developed by Command & Code Labs, a leader in browser security innovation, this extension empowers users to take control of their online safety without compromising performance or privacy. THE THREATS YOU FACE DAILY Every time you browse the web, you're exposed to: • CROSS-SITE SCRIPTING (XSS): Malicious scripts injected into legitimate websites that steal your passwords, session tokens, and personal data • SQL INJECTION: Attackers manipulating database queries through URL parameters to breach website security • TRACKING & ANALYTICS: Hidden scripts that follow you across the web, building detailed profiles of your browsing habits • MALICIOUS REDIRECTS: Fake JavaScript and data URLs designed to hijack your browser and execute harmful code • COOKIE THEFT: Unauthorized access to your browser storage, exposing login credentials and sensitive information Traditional security solutions can't catch everything. Antivirus software stops downloads, but not web-based attacks. Ad blockers focus on ads, not security. You need specialized protection designed specifically for modern web threats. HOW WEB FIREWALL PROTECTS YOU Web Firewall acts as your personal security guard, inspecting every web request before it reaches your browser: 1️⃣ REAL-TIME THREAT BLOCKING • Analyzes URLs, scripts, and resources in milliseconds • Blocks malicious content before it can execute • Uses Chrome's native Declarative Net Request API for zero performance impact 2️⃣ INTELLIGENT SECURITY MODES • Balanced Protection: Daily browsing security that doesn't break websites • Maximum Security: Enhanced protection for high-risk environments • Custom Rules: Power users can create their own advanced filters 3️⃣ COMPREHENSIVE THREAT COVERAGE • XSS Prevention: Blocks script injection attacks (javascript:, data: URLs, inline scripts) • SQL Injection Defense: Stops database manipulation attempts (UNION SELECT, OR '1'='1') • Tracking Protection: Eliminates Google Analytics, tracking pixels, and data brokers • Admin Path Security: Prevents accidental exposure to sensitive admin interfaces • Browser Storage Protection: Guards your cookies, localStorage, and sessionStorage 4️⃣ PRIVACY-FIRST ARCHITECTURE • 100% local processing—no data ever leaves your device • No cloud connections, no external servers, no data collection • Telemetry stored locally only, fully under your control • Export your security data anytime in JSON or CSV format Unlike other security tools that work silently in the background, Web Firewall gives you complete visibility into your protection: • Live threat counter on your toolbar badge—see exactly how many attacks we've blocked • Detailed analytics page showing: ✓ Total blocked requests with timestamps ✓ Top blocked domains (analytics trackers, malicious sites) ✓ Most active security rules and their effectiveness ✓ Chronological log of every blocked threat with full details • Export capabilities for security analysis and reporting • Rule ID tooltips—hover over any rule to understand what it blocked and why Choose the perfect balance between security and usability: BALANCED PROTECTION MODE (Recommended) Perfect for everyday browsing. Blocks: • All XSS attacks (javascript:, data: URLs, script injection) • SQL injection attempts • Analytics and tracking scripts (Google Analytics, Facebook Pixel, etc.) • Malicious URL patterns MAXIMUM SECURITY MODE For high-risk environments like public Wi-Fi or untrusted networks. Adds: • Browser storage access blocking (prevents cookie theft) • Admin path protection (blocks /wp-admin, /phpmyadmin access) • Enhanced XSS detection with paranoid-level pattern matching • Additional malicious script prevention CUSTOM RULES MODE Power users can create sophisticated filtering rules: • JSON-based rule configuration • Support for regex patterns and complex conditions • Filter by resource type (scripts, images, frames, etc.) • Domain allowlists and blocklists • Professional-grade declarative syntax Every blocked request is tagged with a Rule ID that tells you exactly what happened: • Rule 10001: JavaScript URL Protocol—blocked javascript: XSS attempt • Rule 10002: Data URL Protocol—stopped malicious data: URI • Rule 10010: XSS Patterns—caught script injection in URL parameters • Rule 10020: SQL Injection—prevented database attack • Rule 10030: Analytics/Tracking—blocked tracking script • Rules 80000+: Dynamic runtime protection rules • Rules 55000+: Your custom user-defined rules Hover over any Rule ID in the analytics dashboard to see a detailed explanation with examples—perfect for learning about web security! • Instant filtering with no page load delays • Minimal memory footprint (under 5MB) • No CPU overhead—filtering happens in Chrome's optimized engine • Efficient telemetry with smart data aggregation • Scales to thousands of rules without slowdown ✅ PRIVACY-CONSCIOUS USERS If you're concerned about online tracking and data collection, Web Firewall blocks analytics scripts, tracking pixels, and third-party data brokers—all while keeping your browsing data completely private. ✅ SECURITY PROFESSIONALS IT professionals, security researchers, and developers need visibility into web threats. Our detailed analytics, rule customization, and export features give you the tools to analyze and respond to attacks. ✅ REMOTE WORKERS & TRAVELERS Public Wi-Fi at coffee shops, airports, and hotels is notoriously insecure. Maximum Security mode protects you from man-in-the-middle attacks, cookie theft, and malicious injections on untrusted networks. ✅ STUDENTS & EDUCATORS Educational institutions are common targets for cyberattacks. Web Firewall provides an additional layer of security when accessing academic resources, research databases, and online learning platforms. ✅ EVERYDAY INTERNET USERS You don't need to be a security expert to benefit from protection. Balanced mode works automatically, blocking threats you didn't even know existed while letting you browse normally. ✅ DEVELOPERS & TESTERS Test your web applications against common attack vectors. Use custom rules to simulate different security scenarios and validate your own web security implementations. BROWSING NEWS SITES Major news websites load dozens of analytics and tracking scripts. Web Firewall blocks: • Google Analytics tracking your reading habits • Facebook Pixel building your interest profile • Third-party ad networks collecting your data Result: You read the news privately, without being tracked across the web. ONLINE SHOPPING E-commerce sites often have vulnerabilities that attackers exploit. Web Firewall prevents: • XSS attacks that steal your payment information • Cookie theft that hijacks your shopping session • Malicious redirects to fake checkout pages Result: Your shopping experience is secure and your payment data stays protected. WORKING REMOTELY When you connect to company resources from public Wi-Fi, Web Firewall provides: • Protection against man-in-the-middle attacks • Blocking of malicious injection attempts on untrusted networks • Prevention of browser storage theft (cookies, session tokens) Result: Your work credentials and company data remain secure, even on risky networks. EXPLORING NEW WEBSITES Visiting unfamiliar sites carries risk. Web Firewall guards against: • Drive-by download attempts via javascript: URLs • SQL injection attacks through URL parameters • Malicious scripts embedded in legitimate-looking content Result: You can explore the web confidently, knowing dangerous content is automatically blocked. 1️⃣ INSTALL THE EXTENSION Click "Add to Chrome" and pin it to your toolbar 2️⃣ CHOOSE YOUR SECURITY MODE • Start with Balanced Protection (recommended) • Upgrade to Maximum Security for high-risk environments • Create custom rules if you have specific needs 3️⃣ BROWSE NORMALLY Web Firewall works silently in the background, blocking threats automatically 4️⃣ CHECK YOUR ANALYTICS (OPTIONAL) Click the extension icon → Analytics to see what we've blocked Watch your protection statistics grow as you browse That's it! No complicated configuration, no technical expertise required. Web Firewall protects you from the moment you install it. YOUR DATA NEVER LEAVES YOUR DEVICE Many security extensions send your browsing data to cloud servers "for analysis." We don't. Here's our guarantee: ❌ NO DATA COLLECTION We don't collect your browsing history, blocked URLs, or any personal information. ❌ NO THIRD-PARTY SHARING Your security data is yours alone. We never share, sell, or transmit it. ✅ LOCAL-ONLY STORAGE Telemetry is stored in Chrome's local storage, accessible only to you. ✅ FULL CONTROL Export your data anytime. Clear it with one click. Complete transparency. ✅ OPEN DOCUMENTATION Our privacy policy is clear, detailed, and written in plain language. This isn't just a feature—it's our core principle. Security and privacy go hand in hand.
Watchtower - Extension watcher & Helper
Monitors extension permissions and activity to protect your privacy. Ever wonder what your browser extensions are really doing? Many extensions have access to your most sensitive data, operating like black boxes without your knowledge. You deserve to know who you can trust. Introducing Watchtower, your personal security guard for your browser. Watchtower is a powerful privacy and security tool that scans every extension you have installed. It analyzes their permissions in plain English and assigns a simple risk score so you can see at a glance, which extensions might be overstepping their boundaries. Key Features Permission Scanner & Risk Analysis: Watchtower automatically analyzes every extension on your browser and flags dangerous permissions that could compromise your privacy. Easy-to-Understand Ratings: Extensions are categorized into "High Risk," "Use Caution," or "Minimal Risk" so you can make informed decisions quickly. Proactive Sensitive Site Alerts: Receive a clear, non-intrusive warning banner if a "High Risk" extension is active on sensitive websites like your bank, email, or social media pages. Plain English Explanations: Finally understand what "access your data on all websites" actually means. Watchtower translates confusing developer jargon into clear, concise explanations. Active Extension Dashboard: See exactly which extensions are running on your current webpage at any time. Upgrade to the Watchtower Suite (Optional One-Time Purchase) For the ultimate in privacy control, upgrade to the Watchtower Suite and unlock a set of powerful, automated tools: Context-Aware Controls: The flagship premium feature. Automatically disable specific extensions on the websites you choose. Stop your shopping coupon extension from running on your online banking site! When you leave the site, Watchtower intelligently re-enables the extension for you. Extension Profiles (Workspaces): Are you tired of a cluttered toolbar? Create and switch between profiles like "Work," "Social Media," or "Reading" to enable only the extensions you need for that task with a single click. Permission Change History: Get a permanent, timestamped log of every time an extension adds or removes permissions during an update. Instantly catch when a once-safe extension becomes more invasive. Browse with Confidence: Stop guessing and know exactly what your extensions are doing. Prevent Privacy Leaks: Easily identify and manage extensions that demand too much access to your data. Take Back Control: Go beyond simple on/off switches with powerful, automated rules and profiles that put you in charge. Your Privacy is Paramount: Watchtower performs all its analysis locally on your computer. Your data, browse history, and extension information never leave your machine.
CyberGuard: HTTP Security Header & Vulnerability Scanner
Scan HTTP security headers, identify missing protections like CSP, HSTS, and XSS prevention. CyberGuard is a powerful browser-based tool designed for ethical hackers, pentesters, and web developers to scan and audit HTTP response security headers on any live website. It helps you detect missing or misconfigured headers like: and more... 🛡️ Checks for 10+ critical security headers ❌ Displays mitigation tips for missing headers 🎨 Cyberpunk UI with terminal-style output 💡 Perfect For ✅ VAPT professionals ✅ CSP and HSTS debugging
LPR - Ultimate Recon & Bug Hunting Tool
LPR (Live Params & Redirects) is an all-in-one reconnaissance and… LPR (Live Params & Redirects) is an all-in-one reconnaissance and vulnerability scanning assistant designed for Bug Bounty Hunters, Penetration Testers, and Web Developers. Instead of wasting time inspecting elements and grepping through minified JavaScript files, LPR automatically extracts and categorizes every potential injection point and hidden asset on the page. 🕵️♂️ Deep Parameter Extraction: Automatically scrapes parameters from HTML forms, DOM inputs, and JavaScript variables (var, let, const). 🔗 Advanced Asset Discovery: Digs into external .js files to find full URLs (S3 buckets, API endpoints) and hidden Routes (e.g., /api/v1/admin) that are invisible in the UI. ⚔️ XSS & Security Scanner: proactively hunts for Dangerous Sinks (innerHTML, eval), React/Vue bypass patterns, and javascript: URIs to speed up your XSS discovery. 🆔 IDOR Hunting: Instantly lists all ID-related patterns (e.g., user_id, order_uuid, account_id) found in the source code with line numbers. 🔀 Redirect Analysis: Detects potential Open Redirect vulnerabilities by scanning for window.location, meta refresh, and navigation sinks. 💾 Accumulative Scanning: Data is saved as you browse. The extension prevents accidental tab closing to ensure you never lose your reconnaissance data during a session. Why LPR? Whether you are looking for hidden API endpoints, testing for IDORs, or hunting for DOM-based XSS, LPR gives you a bird's-eye view of the target's attack surface in seconds.
Tiny HTTP/S Logger
Command & Code Labs: View and filter HTTP/HTTPS requests made by the current site. Tiny HTTP/S Logger by Command & Code Labs gives you instant visibility into the network requests your browser makes when you visit a website. Whether you’re a developer, tester, or just curious, this tool lets you see exactly what’s happening behind the scenes—without the clutter of full DevTools. 🔍 What it does - Captures and displays all HTTP/HTTPS requests made by the current site in real time. - Shows details such as method, scheme, status code, content type, domain, and request length. - Lets you filter by domain, HTTP method, scheme, status class (2xx/3xx/4xx/5xx), regex matches, or tab scope. - Switch between a table view and a timeline view for better request inspection. - Export logs easily as CSV or NDJSON for offline analysis or sharing. ⚙️ How it works - The extension uses Chrome’s webRequest API to observe metadata about network traffic. - It runs entirely in your browser with per-site permissions—you must explicitly click Enable on this site before it can log anything. - No background logging across all tabs. No silent monitoring. You stay in control. - Everything is stored locally and transiently; logs clear automatically when you disable, reload, or choose “Clear.” 🔒 Privacy & Security - No data leaves your device. All logs stay inside your browser. - No remote servers. No analytics. No tracking. - Minimal permissions: only webRequest, tabs, and storage. Site access is requested on demand, per site, never globally. - Built for transparency, not data collection. 🌟 Why install it? - Developers & testers: Quickly debug API calls, check response codes, or spot failing endpoints without opening full DevTools. - Security learners: See how modern sites load assets, call APIs, and redirect traffic in real time. - Curious users: Understand what your browser is doing every time you load a page. Tiny HTTP/S Logger is lightweight, focused, and built with respect for your privacy. If you’ve ever wanted an easy way to peek into network activity without friction, this extension is for you.
