PinPatrol

This table shows, in a readable format, the state of HSTS and HPKP domains stored by the browser.

PinPatrol

Extension stats

Users: 389
Rating: 4.50
(2)
Version: 0.4 (Last updated: 2018-04-23)
Creation date: 2018-04-23
Risk impact: Moderate risk impact
Risk likelihood:
Manifest version: 2
Permissions:
  • tabs
  • history
Size: 439.30K
URLs: Website

Other platforms

Not available on Android
Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

A tool for improving the experience using HSTS and HPKP in Chrome. It shows this information in a human readable way, from your own browser or from any other. It is very easy to use and it can provide useful information about the HSTS and HPKP data stored by your browser or a different one. This is not just a Chrome extension, but a simple forensics tool for interpreting HPKP and HSTS data from any Chrome’s user.

Chrome stores HPKP and HSTS information hashing the domains in a standard format, so there is some “privacy” for the users. The extension also tries to “un-hash” the domains. If there is a domain in your HSTS and HPKP domains repository, it means you have visited it. So it should be in your History files. What this extension does is get to your history of domains visited and hash them. If this hash matches with some of the hashes in HSTS/HPKP, it “translates” it so it is un-hashed. There may be some domains that are not un-hashed? Some reasons:

  • Your history has been deleted and the domain is not there, but still in the HSTS/HPKP repository.
  • Some visits to some domains with HSTS and HPKP are done “in the background” of a webpage, as part of its APIs, advertising system, etc. And these may not stored in the History.

Chrome offers chrome://net-internals/#hsts but definitely it is not the best way to watch your domains.

Extension safety

Risk impact

PinPatrol requires a few sensitive permissions. Exercise caution before installing.

Risk likelihood

PinPatrol may not be trust-worthy. Avoid installing if possible unless you really trust this publisher.

Upgrade to see risk analysis details

Similar extensions

Here are some Chrome extensions that are similar to PinPatrol: