DotDrop - Secret Files Detector Firefox

DotDrop - Secret Files Detector

Detects exposed sensitive files like .git, .env, SSH keys, and configuration files. Features: traffic light alerts, scan progress, severity filtering, batch scanning, and export to JSON/CSV/Markdown

Features & Capabilities

DotDrop - Sensitive File Detector

Automatically scan websites for exposed sensitive files and security vulnerabilities. Perfect for security researchers, developers, and bug bounty hunters.

🔍 What It Detects

DotDrop scans for 80+ types of exposed files including:

  • Version Control: .git/, .svn/, .hg/
  • Credentials: .env, .htpasswd, SSH keys (id_rsa)
  • Cloud Keys: AWS, GCP, Azure credentials
  • Database Files: SQL dumps, MongoDB backups
  • Configuration: Docker, Kubernetes, CI/CD configs
  • Backups: ZIP, TAR, SQL backup files
✨ Key Features
  • Traffic Light System: 🟢 Safe / 🟠 Not Scanned / 🔴 Vulnerable
  • Real-time Scan Progress: See exactly what's being checked
  • One-Click Copy: Export findings as formatted Markdown reports
  • Detection Age Tracking: "2h ago", "3d ago" timestamps
  • Stealth Mode: Slower scanning to avoid rate limiting
  • Batch Scanning: Test multiple domains at once
  • Export Options: JSON, CSV, or Markdown formats
  • Statistics Dashboard: Track vulnerable sites and severity breakdown
  • 100% Local: Zero data collection, complete privacy
🔒 Privacy & Security

✅ All processing happens locally on your device ✅ No data sent to external servers ✅ No analytics or tracking ✅ Open source - inspect the code yourself ✅ Minimal permissions (only what's needed)

🎯 Perfect For

  • Security researchers conducting vulnerability assessments
  • Developers checking their own sites for exposed files
  • Bug bounty hunters finding security issues
  • DevOps teams auditing infrastructure
  • Anyone concerned about web security
🚀 How It Works
  1. Browse normally - DotDrop scans automatically
  2. Check the icon - Color indicates security status
  3. Click to view - See detailed findings
  4. Export results - Copy or download reports
🛡️ False Positive Prevention

Advanced 5-layer validation system ensures accurate detection:

  • HTTP 200 status verification
  • Content-Type checking
  • File size validation
  • HTML error page detection
  • Content pattern analysis

📊 Professional Features

  • Severity Levels: Critical, Medium, Low color-coded alerts
  • Pattern Groups: Enable/disable specific detection categories
  • Detection History: Track all findings over time
  • Customizable Settings: Auto-scan, critical-only mode
  • Badge Counter: Shows number of exposed files found
🌐 Use Cases

For Developers: Test your own websites before deployment to catch exposed configuration files, credentials, or backup files that shouldn't be public.

For Security Researchers: Quickly identify common security misconfigurations during reconnaissance. Export findings for professional reports.

For Bug Bounty Hunters: Automate the detection of low-hanging fruit vulnerabilities. Copy findings directly to bug reports with one click.

⚡ Lightweight & Fast

  • Minimal resource usage
  • Fast parallel scanning
  • Clean, professional UI
  • No bloat or unnecessary features
🔧 Technical Details
  • Manifest V3 compliant
  • Works on all HTTP/HTTPS sites
  • Respects browser security policies
  • Compatible with Firefox 109+
📝 Open Source

Fully open source on GitHub. Contributions welcome!

Disclaimer: This tool is for ethical security research and educational purposes only. Always obtain proper authorization before testing websites you don't own.

User Growth & Download Statistics

Manifest V3 Add-on
By:
Interzone
Daily users:
6
Version:
1.1.1 Last updated: 2025-11-01
Version code:
6066106
Creation date:
2025-10-26
Risk:
Moderate risk impact Moderate risk likelihood
Permissions:
Host permissions:
  • <all_urls>
Content scripts matches:
  • <all_urls>
Size:
32.56KB
Email:
in*****@gmail.com
Full description:
See detailed description
Source:
Firefox Add-ons Store
Data ingested on:
2026-07-14
Compare stats and ranking:

Contact the developer

Chrome-Stats does not own this Firefox add-on. Please use these information below to contact the Firefox add-on developer.
Developed by:
Interzone
Firefox Add-ons Store
https://addons.mozilla.org/firefox/addon/dotdrop-secret-files-detector/
Email:
in*****@gmail.com

Permission Change History

2025-11-01: Version 1.1.0 → 1.1.1
Remove Permissions: webRequest

Is DotDrop - Secret Files Detector Safe?

Risk impact
Risk impact measures the level of extra permissions an extension has access to. A low risk impact extension cannot do much harms, whereas a high risk impact extension can do a lot of damage like stealing your password, bypassing your security settings, and accessing your personal data. High risk impact extensions are not necessarily malicious. However, if they do turn malicious, they can be very harmful.

DotDrop - Secret Files Detector requires a few sensitive permissions. Exercise caution before installing.

Risk impact analysis details
  • Critical Allows access to all websites, posing a significant security risk as it can monitor and modify data from any visited site.
  • High ******* ******* **** *** ****** ***** *** ***** ** ******* **** ********* ********* ** * *********** *****
Risk likelihood
Risk likelihood measures the probability that a Firefox add-on may turn malicious. This is determined by the publisher and the Firefox add-on reputation on Firefox Add-ons Store, the amount of time the Firefox add-on has been around, and other signals about the Firefox add-on. Our algorithms are not perfect, and are subject to change as we discover new ways to detect malicious extensions. We recommend that you always exercise caution when installing a Firefox add-on.

DotDrop - Secret Files Detector is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this add-on.

Risk likelihood analysis details
  • High This extension has low user count. Unpopular extensions may not be stable or safe.
  • Low **** ********* *** ******* **** **** * ****** **** ***** ******** *** **** ****** ** ** ****** *** *****
  • Low **** ********* *** ***** **** **** * ****** **** ***** ********** *** **** ****** ** ** ****** *** *****
Extension Guard
Extension Guard

Discover every extension in use, analyze risks, and enforce blocking policies with Extension Guard

Secure Your Browser
Upgrade to see full risk analysis details

Best DotDrop - Secret Files Detector Alternatives

Here are some Firefox add-ons that are similar to DotDrop - Secret Files Detector: