基本信息

更新日期:
包名:
idppnaadbabknjeaifkegolcciafchpp
版本:
0.1.0
大小:
5.5MiB
类型:
扩展
平台:
Chrome
评分:
2
发布日期:
2021-08-18
价格:
免费
开发者:
Lukas Weichselbaum

Spectroscope插件截图

【图】Spectroscope(截图1)【图】Spectroscope(截图2)

Spectroscope插件简介

Spectroscope is a prototype extension for security engineers and web developers to help track down application resources which aren’t protected from being embedded by other websites. Such resources can, in some cases, be exfiltrated by malicious sites making use of CPU-level information leaks on users’ devices, such as the Spectre vulnerability.

The tool identifies resources which are exempt from default protections enabled in Google Chrome (Cross-Origin Read Blocking, SameSite cookies) and which can be embedded cross-site. The results are added to Chrome’s DevTools “Spectroscope” panel and include security recommendations to help protect your resources from Spectre and other cross-site attacks.

Note: This is a prototype extension which is meant to be used only as a convenience tool to help you protect your site; it is not an official Google product. Testing your site with Spectroscope is not a substitute for careful deployment of recommended web security features. See https://w3c.github.io/webappsec-post-spectre-webdev/ for a complete list of best practices.

Authors (alphabetically): Roberto Clapis, Santiago Diaz, Aleksandr Dobkin, David Dworken, Artur Janc, Aaron Shim, Lukas Weichselbaum

类似Spectroscope插件

This extension allows you to see the..
This extension allows you to see the cross window/frame communication happening behind the current tab. You can see in the console logs for the communication message or click the e..
The Fofa Pro View plugin tells you w..
The Fofa Pro View plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open. The Fofa Pro View plugin for Chrome automat..
This extension returns a string repr..
This extension returns a string representing a target reference for active DOM elements designed for hijacking a method execution in a SOME attack. for more details about the SOME ..
Click to show the score for the curr..
Click to show the score for the current page. Click again to show the full report on our site. This extension shows the securityheaders.io score for the current page. Click the ext..
A tool designed to assist with findi..
A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner. There are many different ways to trigger XSS, es..
Analyze webpages for non-secure link..
Analyze webpages for non-secure link references. HTTPS only works if you use it! This simple Chrome extension adds a button to Chrome that allows you to easily discover non-secure ..
Add threat intelligence hover tool t..
Add threat intelligence hover tool tips. IPv4, MD5, SHA2, CVE, FQDN or add your own ThreatIntel IOC. Use any REST API. Creates on hover tooltips for every website for IPv4, MD5, SH..
The Rapid7 AppSec plugin works with ..
The Rapid7 AppSec plugin works with Rapid7 InsightAppSec and AppSpider dynamic application security testing solutions to improve application scanning coverage and assist in validat..
A monitoring browser extension for p..
A monitoring browser extension for pages acting as bad boys Behave! monitors and warn if a web page performs any of following actions: - DNS Rebinding attacks to Private IPs - Acce..
Adds warning message to WordPress Pl..
Adds warning message to WordPress Plugin Directory pages when plugins have one of a couple types of security issues. When plugins are removed from the WordPress Plugin Directory du..
This extension allows the user to re..
This extension allows the user to request a cross domain server! Hỗ trợ request cross domain
One click access to enhanced Workben..
One click access to enhanced Workbench™ for Salesforce™ With the Quirkbench extension you can copy a Salesforce Id or a Salesforce Object API name to clipboard and explore it in Wo..
lcw-downloader是国内知名留学企业《柳橙集团》内部开发的一款批量下载工具,通过该插件公司内部业务顾问可以批量下载学生的相关材料文件,从而大大提高了工作效率。
lcw-downloader是国内知名留学企业《柳橙集团》内部开发的一款批量下载工具,通过该插件公司内部业务顾问可以批量下载学生的相关材料文件,从而大大提高了工作效率。
After signing up, you will submit al..
After signing up, you will submit all the websites you want to send traffic to. Then you can either earn free traffic by viewing others' sites or buy a traffic package from us.
帐户管理工具
帐户管理工具
Generates changelog entries from a Targetprocess entity page
Generates changelog entries from a Targetprocess entity page
This extension measures Google Core ..
This extension measures Google Core Web Vital Scores The extension basically measures the Google Core Web Vitals. It will highlight the Cumulative Layout Shifts in the page and as ..
Easy and fast wireframing service
Easy and fast wireframing service
This extension allows you to work wi..
This extension allows you to work with the website channels in your BlueConic Universe. Log in to your BlueConic environment to automatically activate the extension. The extension ..
这个chrome扩展是由Uni-Customer-Care开发的。除了捕捉屏幕的内容外,它什么都不做。
这个chrome扩展是由Uni-Customer-Care开发的。除了捕捉屏幕的内容外,它什么都不做。

Spectroscope插件下载

免费下载插件商店

插件评论

Jerry

I was finally able to find the ghost in the machine using this extension.

Eduardo

I used to not believe in ghosts. But after using this extension, I feel like I see dead people!