ExtVet

Tracking since Apr 4, 2026.

Changelog

• Apr 17, 2026
  description

  ExtShield automatically scans your Chrome extensions for security threats. Extensions you trust today can turn dangerous tomorrow - a single update can add keyloggers, steal your passwords, or redirect your traffic. ExtShield watches for these changes in real time.
  
  
  HOW IT WORKS
  
  1. Monitors your extensions - runs quietly in the background, watching for new installs and updates
  2. Sends version info to our scanner - only the extension ID and version number, never your browsing data
  3. Analyses the code server-side - we download the extension package directly from the Chrome Web Store and run it through 17 security checks
  4. Shows you the results instantly - clear traffic-light status for every extension: Clean, Warning, or Danger
  
  
  WHAT WE SCAN FOR
  
  Credential & Data Theft
  • Keystroke capture (keyloggers that record what you type)
  • Form hijacking (intercepting login forms to steal passwords)
  • Cookie theft (stealing session tokens to access your accounts)
  • Clipboard snooping (reading passwords you've copied)
  
  Malicious Code Patterns
  • Base64-encoded payloads (hidden code that decodes and runs)
  • Obfuscated scripts (deliberately unreadable code)
  • Remote code loading (downloading attack payloads after install)
  • Delayed execution (malicious code that waits before activating)
  • WebAssembly binaries (compiled code that bypasses JS analysis)
  
  Dangerous Browser API Usage
  • Debugger access (can inspect and modify any page)
  • Proxy hijacking (redirecting traffic through an attacker's server)
  • Network interception (blocking, redirecting, or modifying requests)
  • Silent downloads, screenshot capture, OAuth token access
  
  Vulnerability Scanning
  • Known vulnerable JavaScript libraries (RetireJS CVE database)
  • Vulnerable direct and transitive npm dependencies (OSV database)
  • Severity-graded results: Critical, Medium, and Low
  
  Manifest & Policy Analysis
  • Permission escalation between versions
  • Weak Content Security Policy
  • Custom update URLs (bypassing CWS review)
  • Excessive permissions and legacy Manifest V2
  
  
  TRUST SCORE
  
  Every scanned extension receives a trust score from 0 to 100:
  • 80-100: No significant issues found
  • 50-79: Some concerns detected, review recommended
  • 0-49: Multiple issues detected, action recommended
  
  
  FEATURES
  
  Real-Time Protection
  • Instant alerts when a flagged extension updates
  • Automatic re-scan every 30 minutes
  • Auto-quarantine: temporarily disables high-risk extensions while the scan completes
  • Strict mode: optionally disable ALL extensions on update until scan clears them
  
  Clear, Actionable Information
  • Extensions grouped by status: Danger, Warning, Pending, Clean
  • 17 detailed security checks showing exactly what was analysed
  • Permission risk indicators colour-coded by danger level
  • On-demand scan findings with severity and evidence
  
  Privacy First
  • No account required - fully anonymous session tokens
  • We never see your browsing history, bookmarks, or personal data
  • Only extension IDs and version numbers are sent
  • Session tokens can be rotated at any time
  
  Available in 8 languages: English, Spanish, French, German, Portuguese, Russian, Chinese, and Japanese.

  ExtVet automatically scans your Chrome extensions for security threats. Extensions you trust today can turn dangerous tomorrow - a single update can add keyloggers, steal your passwords, or redirect your traffic. ExtVet watches for these changes in real time.
  
  
  HOW IT WORKS
  
  1. Monitors your extensions - runs quietly in the background, watching for new installs and updates
  2. Sends version info to our scanner - only the extension ID and version number, never your browsing data
  3. Analyses the code server-side - we download the extension package directly from the Chrome Web Store and run it through 17 security checks
  4. Shows you the results instantly - clear traffic-light status for every extension: Clean, Warning, or Danger
  
  
  WHAT WE SCAN FOR
  
  Credential & Data Theft
  • Keystroke capture (keyloggers that record what you type)
  • Form hijacking (intercepting login forms to steal passwords)
  • Cookie theft (stealing session tokens to access your accounts)
  • Clipboard snooping (reading passwords you've copied)
  
  Malicious Code Patterns
  • Base64-encoded payloads (hidden code that decodes and runs)
  • Obfuscated scripts (deliberately unreadable code)
  • Remote code loading (downloading attack payloads after install)
  • Delayed execution (malicious code that waits before activating)
  • WebAssembly binaries (compiled code that bypasses JS analysis)
  
  Dangerous Browser API Usage
  • Debugger access (can inspect and modify any page)
  • Proxy hijacking (redirecting traffic through an attacker's server)
  • Network interception (blocking, redirecting, or modifying requests)
  • Silent downloads, screenshot capture, OAuth token access
  
  Vulnerability Scanning
  • Known vulnerable JavaScript libraries (RetireJS CVE database)
  • Vulnerable direct and transitive npm dependencies (OSV database)
  • Severity-graded results: Critical, Medium, and Low
  
  Manifest & Policy Analysis
  • Permission escalation between versions
  • Weak Content Security Policy
  • Custom update URLs (bypassing CWS review)
  • Excessive permissions and legacy Manifest V2
  
  
  TRUST SCORE
  
  Every scanned extension receives a trust score from 0 to 100:
  • 80-100: No significant issues found
  • 50-79: Some concerns detected, review recommended
  • 0-49: Multiple issues detected, action recommended
  
  
  FEATURES
  
  Real-Time Protection
  • Instant alerts when a flagged extension updates
  • Automatic re-scan every 30 minutes
  • Auto-quarantine: temporarily disables high-risk extensions while the scan completes
  • Strict mode: optionally disable ALL extensions on update until scan clears them
  
  Clear, Actionable Information
  • Extensions grouped by status: Danger, Warning, Pending, Clean
  • 17 detailed security checks showing exactly what was analysed
  • Permission risk indicators colour-coded by danger level
  • On-demand scan findings with severity and evidence
  
  Privacy First
  • No account required - fully anonymous session tokens
  • We never see your browsing history, bookmarks, or personal data
  • Only extension IDs and version numbers are sent
  • Session tokens can be rotated at any time
  
  Available in 8 languages: English, Spanish, French, German, Portuguese, Russian, Chinese, and Japanese.

• Apr 17, 2026
  name

  ExtShield

  ExtVet

Permissions & access

Permissions

managementstoragealarmsnotifications

Host access

https://extshield-api.azurewebsites.net/*

Screenshots