pkhbdkfenifidcejinfbgjdalelamaao
Automatically detect and highlight CVE IDs on web pages with vulnerability information from Vulners.com

Vulners Lookup: Instant CVE Context in Your Browser

Automatically detect and highlight CVE IDs on any web page—powered by the Vulners vulnerability knowledge graph.

• Real-time CVE detection — instantly spot vulnerabilities on any page, from blogs and advisories to GitHub repositories.
• On-hover insights — see CVSS severity, EPSS probability, AI-driven impact scoring, Known Exploited Vulnerabilities (KEV) status, and reference links in a clean, compact card.
• One-click deep dive — open any CVE on [Vulners.com](https://vulners.com/) for full details, including descriptions, affected products, exploits, advisories, and patch information.
• High-quality data — built on Vulners’ continuously updated knowledge graph, aggregating over 200 trusted sources with real-time enrichment.

• Security engineers and vulnerability researchers
• SOC and incident response teams
• Red teams and penetration testers
• DevSecOps and SRE professionals reviewing documentation, PRs, or vendor advisories

1. Install the extension.
2. Visit any website with vulnerability references.
3. CVE IDs are automatically highlighted—hover for instant context, click to explore full details.

• No account required.
• The extension only scans the page you’re viewing to identify CVE patterns.
• Minimal metadata is fetched securely from Vulners to render context cards.
• Built with minimal permissions and low overhead.
FortiDAST Web Application Scanning
Captures user navigation and events across tabs / windows. This Chrome extension provides a unique feature that allows you to record user activities, which can then be used to improve vulnerability scanning in FortiDAST. FortiDAST Web Application Scanning enables you to capture complex login sequences, including multi-form and multi-factor authentication (One-Time Passwords or Tokens), for vulnerability scans by capturing page-loads, click-events, keypress-events, visibility-change, submit-events, and input-events. The extension will automatically download the JSON with action contents for further processing in FortiDAST. Once you have captured a login sequence, FortiDAST combines advanced crawling technology and performs automated black-box dynamic application security testing of web applications to identify vulnerabilities that actors may exploit. ***To perform scans, you will need an active subscription to FortiDAST (https://fortidast.forticloud.com).***
OWASP Penetration Testing Kit
The OWASP Penetration Testing Kit (PTK) browser extension is your all-in-one solution for streamlining your daily AppSec tasks. Whether you’re a penetration tester, a Red Team member, or an AppSec practitioner, OWASP PTK enhances your efficiency and provides deep insights into your target application.

• Runtime Scanning (DAST & IAST & SAST & SCA): Perform Dynamic Application Security Testing, Static Analysis, In-Browser IAST and Software Composition Analysis on the fly. Identify SQL injection, command injection, reflected/stored XSS, SQL auth bypass, XPath injections, JWT attacks, and other complex threats.
• Static Analysis (SAST): PTK automatically parses loaded JavaScript, HTML, and CSS right in your browser—before any code ever runs. It flags unsafe patterns like `eval()`, `innerHTML`/`outerHTML` injection, insecure cryptographic calls, missing input sanitization, and common anti-patterns.
• In-Browser IAST (Interactive Application Security Testing): PTK’s built-in IAST engine instruments your app at runtime—right in the browser—tracking taint flows and code execution to flag vulnerabilities as they occur. Catch issues like DOM-based XSS, unsafe `eval`/`innerHTML` usage, open-redirects, and more without leaving your dev tools.
• JWT Inspector: Analyze, craft, and tamper with JSON Web Tokens. Generate keys, test null signatures, brute-force HMAC secrets, and inject malicious `jwk`, `jku`, or `kid` parameters.
• Insightful Application Info: One-click visibility into tech stacks, WAFs, security headers, crawled links, and authentication flows.
• Built-in Proxy & Traffic Log: Capture all HTTP(S) traffic, replay requests in R-Builder, and automate XSS, SQLi, and OS command injection.
• R-Builder for Request Tampering & Smuggling: Craft and manipulate HTTP requests, including complex request-smuggling techniques. Now with cURL import/export.
• Cookie Management: Add, edit, remove, block, protect, export, and import cookies from a powerful in-browser editor.
• Decoder/Encoder Utility: Instantly convert between UTF-8, Base64, MD5, URL-encode/decode, and more formats.
• Swagger.IO Integration: Browse and interact with API endpoints directly from your Swagger documentation.
• Selenium Integration: Shift left security by running automated Selenium tests with built-in vulnerability checks.

Enhance your AppSec practice with PTK—the extension that makes your browser smarter and your testing faster. Install today and start uncovering vulnerabilities in real time!
CyberGuard: HTTP Security Header & Vulnerability Scanner
Scan HTTP security headers, identify missing protections like CSP, HSTS, and XSS prevention.

CyberGuard is a powerful browser-based tool designed for ethical hackers, pentesters, and web developers to scan and audit HTTP response security headers on any live website. It helps you detect missing or misconfigured headers like: and more...

🛡️ Checks for 10+ critical security headers
❌ Displays mitigation tips for missing headers
🎨 Cyberpunk UI with terminal-style output

💡 Perfect For
✅ VAPT professionals
✅ CSP and HSTS debugging
VAPT Assistant Pro+
Advanced VAPT toolkit with AI, security headers, WAF detection, DNS/WHOIS tools, subdomain scanner, and VirusTotal integration.

Unlock powerful web security and penetration testing capabilities with VAPT Assistant Pro+, the ultimate Chrome extension for pentesters, ethical hackers, and cyber security professionals. This all-in-one pentest tool and penetration testing toolkit provides everything you need for efficient vulnerability assessment, ethical hacking, and security testing directly in your browser.

VAPT Assistant Pro+ offers a wide range of pentesting tools for comprehensive vulnerability assessment and penetration testing (VAPT), making it an essential tool for security analysts, bug bounty hunters, and IT professionals. Conduct advanced penetration testing, automate vulnerability scanning, analyze web application security, and strengthen your cyber security posture—all with an intuitive, user-friendly interface.

Key features include web application pentesting, automated VAPT scans, cyber security analysis, ethical hacking tools, and real-time security monitoring. Whether you are performing manual security audits or automated tests, this extension simplifies your workflow and boosts your productivity.

This extension helps you during web application penetration testing and report writing: it is a checklist management tool, and pentesters can also add custom bug bounty checklists. The extension is secured using an MPIN.

Keywords: pentest tool, pentesting tool, penetration testing tool, pentest toolkit, cyber security tool, ethical hacking tool, VAPT, vulnerability assessment, security testing, web application security, bug bounty, security analyst, IT security, browser extension, web security tool, automated pentest.

Take your penetration testing and cyber security efforts to the next level with VAPT Assistant Pro+, the best Chrome extension for ethical hackers and penetration testers!