Chrome Extensions

Overview

Evidence: Chrome Extensions
Description: Collect Chrome Extensions
Category: Browser
Platform: Linux
Short Name: chrext
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No

Background

Chromium-based browser extensions extend functionality and can be abused for persistence, credential theft, tracking, or data exfiltration. Manifest metadata and permissions offer insight into capabilities and risk.

Data Collected

This collector gathers structured data about Chrome extensions.

Chrome Extensions Data

| Field | Description | Example |
| --- | --- | --- |
| ID | ID | 1 |
| UID | UID | Example value |
| BrowserType | Browser Type | Example value |
| LastChromeVersion | Last Chrome Version | 1.0.0 |
| Name | Name | Example Name |
| FromWebstore | From Webstore | true |
| Description | Description | Example value |
| Version | Version | 1.0.0 |
| CurrentLocale | Current Locale | Example value |
| DefaultLocale | Default Locale | Example value |
| UpdateURL | Update URL | 2023-10-15 14:30:25 |
| Author | Author | Example value |
| Persistent | Persistent | true |
| ExtensionPath | Extension Path | /path/to/file |
| Username | Username | Example Name |
| Profile | Profile | Example value |
| ProfilePath | Profile Path | /path/to/file |
| State | State | Example value |
| Key | Key | Example value |
| Permissions | Permissions | Example value |
| OptionalPermissions | Optional Permissions | Example value |
| ManifestHash | Manifest Hash | a1b2c3d4... |
| ManifestPath | Manifest Path | /path/to/file |
| Identifier | Identifier | com.example.app |
| InstallTime | Install Time | 2023-10-15 14:30:25 |
| InstallTimestamp | Install Timestamp | 2023-10-15 14:30:25 |

Collection Method

This collector discovers profile Preference files, parses extension configuration, locates each extension's manifest.json, copies artifacts to case content, and normalizes extension metadata (permissions, version, author, install time).
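
The collection steps above, shown as an added Python example (not the collector's own code): it reads a profile's Preferences file, resolves each extension's manifest.json, hashes it, and normalizes the metadata. Assumptions: the usual Chromium layout (`extensions.settings` entries with `path`, `state`, `from_webstore`, `install_time`), SHA-256 for the manifest hash, record keys borrowed from the field table above, and a hypothetical `RISKY` watch-list; the sample profile is constructed.

```python
import hashlib, json, tempfile
from datetime import datetime, timedelta, timezone
from pathlib import Path

# Hypothetical watch-list of high-impact permissions; tune it to your own policy.
RISKY = {"<all_urls>", "cookies", "webRequest", "nativeMessaging", "debugger", "proxy"}

def webkit_to_utc(value):  # Chromium time: microseconds since 1601-01-01 UTC
    return datetime(1601, 1, 1, tzinfo=timezone.utc) + timedelta(microseconds=int(value))

def inventory_profile(profile_dir):
    """Yield one normalized record per extension listed in <profile>/Preferences."""
    profile = Path(profile_dir)
    prefs = json.loads((profile / "Preferences").read_text(encoding="utf-8"))
    for ext_id, cfg in prefs.get("extensions", {}).get("settings", {}).items():
        rel = Path(cfg.get("path", ""))
        ext_path = rel if rel.is_absolute() else profile / "Extensions" / rel  # unpacked: absolute
        rec = {"Identifier": ext_id, "Profile": profile.name, "State": cfg.get("state"),
               "FromWebstore": cfg.get("from_webstore", False), "ExtensionPath": str(ext_path),
               "ManifestPath": None, "ManifestHash": None}
        if cfg.get("install_time"):
            rec["InstallTime"] = webkit_to_utc(cfg["install_time"]).strftime("%Y-%m-%d %H:%M:%S")
        manifest_path = ext_path / "manifest.json"
        if manifest_path.is_file():  # listed but absent on disk: the manifest fields stay None
            raw = manifest_path.read_bytes()
            man = json.loads(raw)
            perms = man.get("permissions", []) + man.get("host_permissions", [])
            rec.update(ManifestPath=str(manifest_path), Name=man.get("name"),
                       ManifestHash=hashlib.sha256(raw).hexdigest(),  # SHA-256 is an assumption
                       Version=man.get("version"), UpdateURL=man.get("update_url"),
                       Permissions=perms, OptionalPermissions=man.get("optional_permissions", []),
                       RiskyPermissions=sorted(p for p in perms if isinstance(p, str) and p in RISKY))
        yield rec

def build_sample_profile(root):
    """Write a constructed (fake) profile holding one sideloaded extension."""
    ext_id, profile = "aaaabbbbccccddddeeeeffffgggghhhh", Path(root) / "Default"
    ext_dir = profile / "Extensions" / ext_id / "1.0.0_0"
    ext_dir.mkdir(parents=True)
    (ext_dir / "manifest.json").write_text(json.dumps({"name": "Example Name", "version": "1.0.0",
        "permissions": ["cookies", "storage"], "host_permissions": ["<all_urls>"]}))
    (profile / "Preferences").write_text(json.dumps({"extensions": {"settings": {ext_id: {
        "path": f"{ext_id}/1.0.0_0", "state": 1, "from_webstore": False,
        "install_time": "13341853825000000"}}}}))
    return profile

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(json.dumps(list(inventory_profile(build_sample_profile(tmp))), indent=2))
```

An entry that appears in Preferences but has no manifest on disk comes back with `ManifestPath` set to `None`, which is worth reviewing on its own during triage.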

Usage

Extension inventories help identify malicious or risky add-ons, correlate with browser activity, and detect persistence mechanisms. Permissions and update URLs aid threat hunting and attribution.

Notes

This data may contain sensitive information that should be handled according to data protection requirements. Ensure proper chain of custody is maintained during collection and analysis.
