Rapid7 AppSec Plugin

What is Rapid7 AppSec Plugin?

The 'Rapid7 AppSec Plugin' is a Chrome extension that functions with Rapid7 InsightAppSec and AppSpider to enhance application security scanning and validate identified vulnerabilities. This plugin possesses notable features like Macro Recording, Vulnerability Validator, Bootstrap Authentication, and Traffic Recorder, ensuring comprehensive protection and simplified vulnerability management.

Download

Stats

By: Rapid7

View on Chrome Web Store

Users: 8,000+

Rating: 3.67 (3)

Version: 4.6.6 (Last updated: 2023-09-16)

Creation date: 2020-06-10

Risk impact: Very high risk impact

Risk likelihood: Very low risk likelihood

Manifest version: 3

Permissions:

activeTab
cookies
notifications
tabs
storage
background
debugger
scripting
webRequest

Host permissions:

*://*/*
file://*/*
http://*/*
https://*/*

Size: 41.93M

Email: ch*****@rapid7.com

URLs: Privacy policy

Stats date:

Chrome-Stats Rank

# 11003 ▼ 146

Other rankings

#699 in Developer Tools

#10 in plugin keyword 62 ▲ 9

#40 in replay keyword 13

#60 in scan keyword 31

#77 in traffic keyword 40 ▲ 1

Upgrade to see more rankings

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Summary

Analyze keywords

The Rapid7 AppSec plugin works with Rapid7 InsightAppSec and AppSpider dynamic application security testing solutions to improve application scanning coverage and assist in validating vulnerabilities with these capabilities:

Macro Recording - Use the plugin to record macros required by InsightAppSec and AppSpider Enterprise when selecting the Macro Authentication scan configuration. Macro Authentication enables the crawling engine of InsightAppSec and AppSpider to authenticate with complex login workflows.

Vulnerability Validator - Use the vulnerability validator in conjunction with the Attack Replay feature in InsightAppSec and AppSpider. This feature of the Chrome plugin enables users to replay and edit recorded traffic generated during an InsightAppSec or AppSpider scan.

Bootstrap Authentication - The Chrome plugin is required to use AppSpider Enterprise's Bootstrap Authentication feature, which gives the user the ability to interactively login to the target application during an active scan. Used for login workflows that require human interaction for example 2FA (Two-factor authentication).

Traffic Recorder - Record the interactions (like HTTP GET and POST requests) between the front end application and the back end server in a Traffic File. InsightAppSec can replay these interactions to authenticate into your application.

For support related to this plugin, please contact [email protected]

User reviews

Not able to execute it on the configured URL, throwing msg?.startsWith error.

Rahul Kumar, 2022-04-26

helps me validate findings, create login macros, bootstrap logins.

Brian Loo, 2018-04-09

Very useful extension for AppSpider Enterprise. In order to enable these features in AppSpider Enterprise you need to modify NTOE.config file and change <macroPlugin Enabled="false" /> line to <macroPlugin Enabled="True" />

Orlando Barrera II, 2017-03-10

View all user reviews

Safety

Risk impact

Rapid7 AppSec Plugin is very risky to use and it requires a lot of sensitive permissions. Avoid installing this extension unless you absolutely trust this publisher.