Overview
ExtShield automatically scans your Chrome extensions for security threats. Extensions you trust today can turn dangerous tomorrow - a single update can add keyloggers, steal your passwords, or redirect your traffic. ExtShield watches for these changes in real time.
HOW IT WORKS
1. Monitors your extensions - runs quietly in the background, watching for new installs and updates
2. Sends version info to our scanner - only the extension ID and version number, never your browsing data
3. Analyses the code server-side - we download the extension package directly from the Chrome Web Store and run it through 17 security checks
4. Shows you the results instantly - clear traffic-light status for every extension: Clean, Warning, or Danger
WHAT WE SCAN FOR
Credential & Data Theft
• Keystroke capture (keyloggers that record what you type)
• Form hijacking (intercepting login forms to steal passwords)
• Cookie theft (stealing session tokens to access your accounts)
• Clipboard snooping (reading passwords you've copied)
Malicious Code Patterns
• Base64-encoded payloads (hidden code that decodes and runs)
• Obfuscated scripts (deliberately unreadable code)
• Remote code loading (downloading attack payloads after install)
• Delayed execution (malicious code that waits before activating)
• WebAssembly binaries (compiled code that bypasses JS analysis)
Dangerous Browser API Usage
• Debugger access (can inspect and modify any page)
• Proxy hijacking (redirecting traffic through an attacker's server)
• Network interception (blocking, redirecting, or modifying requests)
• Silent downloads, screenshot capture, OAuth token access
Vulnerability Scanning
• Known vulnerable JavaScript libraries (RetireJS CVE database)
• Vulnerable direct and transitive npm dependencies (OSV database)
• Severity-graded results: Critical, Medium, and Low
Manifest & Policy Analysis
• Permission escalation between versions
• Weak Content Security Policy
• Custom update URLs (bypassing CWS review)
• Excessive permissions and legacy Manifest V2
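The manifest checks listed above can be illustrated by comparing two versions of an extension's manifest.json. This is an added example, not ExtShield's own code: the finding names and sample manifests are constructed, and it assumes Chrome Web Store updates are served from clients2.google.com.

```javascript
// Added example: compare two versions of an extension's manifest.json.
// Finding names and the sample manifests below are constructed for illustration.
const CWS_UPDATE_HOST = "clients2.google.com"; // host of the Chrome Web Store update URL

// Collect API and host permissions (MV2 keeps both in "permissions").
function grantedPermissions(manifest) {
  return new Set([...(manifest.permissions || []), ...(manifest.host_permissions || [])]);
}

// MV2 stores the CSP as a string, MV3 as an object keyed by context.
function cspStrings(manifest) {
  const csp = manifest.content_security_policy;
  if (!csp) return [];
  return typeof csp === "string" ? [csp] : Object.values(csp);
}

function auditManifestUpdate(oldManifest, newManifest) {
  const findings = [];
  const before = grantedPermissions(oldManifest);
  const added = [...grantedPermissions(newManifest)].filter((p) => !before.has(p)).sort();
  if (added.length > 0) {
    findings.push({ check: "permission-escalation", evidence: added });
  }
  for (const policy of cspStrings(newManifest)) {
    const weak = policy.match(/'unsafe-eval'|'unsafe-inline'/g);
    if (weak) findings.push({ check: "weak-csp", evidence: [...new Set(weak)] });
  }
  if (newManifest.update_url) {
    let host = null;
    try { host = new URL(newManifest.update_url).hostname; } catch { /* unparsable URL */ }
    if (host !== CWS_UPDATE_HOST) {
      findings.push({ check: "custom-update-url", evidence: [newManifest.update_url] });
    }
  }
  if ((newManifest.manifest_version || 2) < 3) {
    findings.push({ check: "legacy-manifest-v2", evidence: [String(newManifest.manifest_version)] });
  }
  return findings;
}

// Constructed sample: version 1.0.0 and a hypothetical 1.1.0 update.
const v1 = { manifest_version: 3, version: "1.0.0", permissions: ["storage"] };
const v2 = {
  manifest_version: 3, version: "1.1.0",
  permissions: ["storage", "cookies", "debugger"],
  host_permissions: ["<all_urls>"],
  update_url: "https://updates.example.com/crx",
};
console.log(auditManifestUpdate(v1, v2));
```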
TRUST SCORE
Every scanned extension receives a trust score from 0 to 100:
• 80-100: No significant issues found
• 50-79: Some concerns detected, review recommended
• 0-49: Multiple issues detected, action recommended
FEATURES
Real-Time Protection
• Instant alerts when a flagged extension updates
• Automatic re-scan every 30 minutes
• Auto-quarantine: temporarily disables high-risk extensions while the scan completes
• Strict mode: optionally disable ALL extensions on update until scan clears them
Clear, Actionable Information
• Extensions grouped by status: Danger, Warning, Pending, Clean
• 17 detailed security checks showing exactly what was analysed
• Permission risk indicators colour-coded by danger level
• On-demand scan findings with severity and evidence
Privacy First
• No account required - fully anonymous session tokens
• We never see your browsing history, bookmarks, or personal data
• Only extension IDs and version numbers are sent
• Session tokens can be rotated at any time
Available in 8 languages: English, Spanish, French, German, Portuguese, Russian, Chinese, and Japanese.