Bishop Vulnerability Scanner

Search websites for git repos, exposed config files, and more as you browse.

Bishop Vulnerability Scanner - Chrome Extension for Website Security

Bishop Vulnerability Scanner is a Chrome extension designed to enhance the security of websites. It operates as a background scanner, detecting exposed version control systems, misconfigurations, and other potential vulnerabilities. Featuring a whitelisting regex system, this tool allows users to restrict its operation to authorized hosts. It alerts users when it locates vulnerabilities, all the while maintaining high network throughput due to time-staggered background requests. Bishop is for legal use only and its rule system is highly extendable.
Install from Chrome Web Store

Extension stats

Users: 3,000+
Rating: 3.75
(12)
Version: 1.0.12 (Last updated: 2019-01-20)
Creation date: 2019-01-20
Risk impact: Low risk impact
Risk likelihood:
Manifest version: 2
Permissions:
  • storage
Size: 202.75K

Other platforms

Not available on Android
Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Bishop is a vulnerability scanner that searches websites in the background while you browse, looking for exposed version control systems, misconfigured administrative tools, and more. With a whitelisting regex system, you can easily restrict this tool to hosts that you are authorized to scan.

It works by searching for files with a given path on the current URL path and all parent paths, applying given regex to the results to check for proof positive of a vulnerable location. If the path returns 200 and matches the regex, it's flagged as vulnerable and alerts you. All rules are run on all directories in a set of time-staggered background XHR requests, so network throughput remains high at all times.

Bishop comes with a set of rules that hunt for the lowest hanging fruit, but the rule system is entirely extensible - rules are regular expressions that are run on specified directories, so if you can turn it into a regex, Bishop will look for it.

Bishop is intended SOLELY for legal use on web servers that you control or are permitted to scan, and the developers are not responsible for how you choose to use this software.

Bishop is MIT licensed and open source; contribute at https://github.com/jkingsman/bishop.

User reviews

How can add Vulnerable Sites, is there any template or something like that. it's not adding any site

Excellent for finding vulnerabilities in my projects so i can fix them ASAP. Ability to add your own rules comes in handy quite a bit when I need something specific to look for. Highly recommended.
by Moron Perfectus, 2015-08-24

Has an ability to import demo rules that the developer already had setup. Love this! This makes it easier to find mistakes in my own projects and the company I work for's products.
by Jacob Sifuentes, 2015-03-24
View all user reviews

Extension safety

Risk impact

Bishop Vulnerability Scanner requires very minimum permissions.

Risk likelihood

Bishop Vulnerability Scanner has earned a good reputation and can be trusted.

Upgrade to see risk analysis details

Promo images

Bishop Vulnerability Scanner small promo image
Small promo image

Similar extensions

Here are some Chrome extensions that are similar to Bishop Vulnerability Scanner: