Bishop Vulnerability Scanner

Search websites for git repos, exposed config files, and more as you browse.

What is Bishop Vulnerability Scanner?

Bishop Vulnerability Scanner is a Chrome extension designed to enhance the security of websites. It operates as a background scanner, detecting exposed version control systems, misconfigurations, and other potential vulnerabilities. Featuring a whitelisting regex system, this tool allows users to restrict its operation to authorized hosts. It alerts users when it locates vulnerabilities, all the while maintaining high network throughput due to time-staggered background requests. Bishop is for legal use only and its rule system is highly extendable.

Download

Stats

By: Jack Kingsman

View on Chrome Web Store

Users: 4,000+

Rating: 3.75 (12)

Version: 1.0.12 (Last updated: 2019-01-20)

Creation date: 2019-01-20

Risk impact: Low risk impact

Risk likelihood: Very low risk likelihood

Manifest version: 2

Permissions:

storage

Size: 202.75K

Email: ja*****@gmail.com

URLs: Website

Stats date:

Chrome-Stats Rank

# 15764 ▼ 79

Other rankings

#733 in Developer Tools ▲ 5 #32 in scan keyword 33 ▲ 8 #53 in rule keyword 9 ▲ 7

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Summary

Analyze keywords

Bishop is a vulnerability scanner that searches websites in the background while you browse, looking for exposed version control systems, misconfigured administrative tools, and more. With a whitelisting regex system, you can easily restrict this tool to hosts that you are authorized to scan.

It works by searching for files with a given path on the current URL path and all parent paths, applying given regex to the results to check for proof positive of a vulnerable location. If the path returns 200 and matches the regex, it's flagged as vulnerable and alerts you. All rules are run on all directories in a set of time-staggered background XHR requests, so network throughput remains high at all times.

Bishop comes with a set of rules that hunt for the lowest hanging fruit, but the rule system is entirely extensible - rules are regular expressions that are run on specified directories, so if you can turn it into a regex, Bishop will look for it.

Bishop is intended SOLELY for legal use on web servers that you control or are permitted to scan, and the developers are not responsible for how you choose to use this software.

Bishop is MIT licensed and open source; contribute at https://github.com/jkingsman/bishop.

User reviews

How can add Vulnerable Sites, is there any template or something like that. it's not adding any site

Muzafar Ali Yousaf Ali, 2023-05-29

Excellent for finding vulnerabilities in my projects so i can fix them ASAP. Ability to add your own rules comes in handy quite a bit when I need something specific to look for. Highly recommended.

Moron Perfectus, 2015-08-24

Has an ability to import demo rules that the developer already had setup. Love this! This makes it easier to find mistakes in my own projects and the company I work for's products.