PERS - The Passive Expired Resource Scanner

A passive scanning tool for finding expired domain vulnerabilites while you browse.
What is PERS - The Passive Expired Resource Scanner?
PERS - The Passive Expired Resource Scanner is a Chrome extension that detects expired domains in webpage resources, allowing you to identify vulnerabilities passively. It alerts you to the details and offers ways to verify the domain expiration, helping penetration testers and auditors in finding and preventing hijacking of vulnerable webpages.
Download

Extension stats

Users: 86 ▲ 1
Version: 0.0.2 (Last updated: 2016-10-09)
Creation date: 2016-10-08
Risk impact: High risk impact
Risk likelihood: Low risk likelihood
Manifest version: 2
Permissions:
  • webRequest
  • webRequestBlocking
  • <all_urls>
Size: 711.68K
URLs: Website

Ranking

# 74579 ▼ 131
Other rankings
#8812 in Developer Tools ▼ 26 #40 in resource keyword 29 #195 in script keyword 21 ▼ 2 #248 in domain keyword 17 ▼ 25

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Analyze keywords

A Chrome extension which detects expired domains in webpage resources (such as external images, CSS, and JavaScript) while you browse. Once detected it alerts you to the details and offers multiple ways to verify that the domain is expired. These vulnerabilities often allow for hijacking of the vulnerable webpage.

Useful for penetration testers and auditors who wish to automatically identify these vulnerabilities passively while they browse.

Reason for various permissions requested by extension:

  • webRequest: Required to hook the onErrorOcurred function in Chrome to detect when a resource load has resulted in a network error occurring (e.g. "net::ERR_NAME_NOT_RESOLVED").
  • webRequestBlocking: Required to block and add headers for certain domain availability querying APIs (e.g. add Origin header).
  • <all_urls>: Required because we have to be able to detect failed network loads for resources from any domain/URL.

Extension safety

Risk impact

PERS - The Passive Expired Resource Scanner requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.

Risk likelihood

PERS - The Passive Expired Resource Scanner has earned a fairly good reputation and likely can be trusted.

Upgrade to see risk analysis details

Similar extensions

Here are some Chrome extensions that are similar to PERS - The Passive Expired Resource Scanner:

FrustratedTech - Server Admin Tool
FrustratedTech - Server Admin Tool
https://frustratedtech.com
3.80
258
ScriptMix
ScriptMix
https://idilernia.com
N/A
14
Domain Hunter Plus
Domain Hunter Plus
Netvantage Marketing
2.53
3,000+
Display Access Keys
Display Access Keys
dharris
4.33
343
Domain Check Plugin
Domain Check Plugin
https://domaincheckups.com
4.00
21
Vulners Web Scanner
Vulners Web Scanner
vankyver
4.55
9,000+
Cyber Web Tools
Cyber Web Tools
https://cyberwebtools.com
1.00
977
Domain Info
Domain Info
https://dmns.app
4.20
923
Orphaned Resources
Orphaned Resources
https://thehackerblog.com
N/A
39
Tracy
Tracy
jacob.heath.ncc
4.00
596
Opener Detector
Opener Detector
Harry Cutts
5.00
81
Bishop Vulnerability Scanner
Bishop Vulnerability Scanner
Jack Kingsman
3.75
3,000+