Firefox Extensions

Overview

| Property | Value |
| --- | --- |
| Evidence | Firefox Extensions |
| Description | Collect Firefox Extensions (Addons) |
| Category | Browser |
| Platform | Cross-platform |
| Short Name | fext |
| Is Parsed | Yes |
| Sent to Investigation Hub | Yes |
| Collect File(s) | No |

Background

This collector gathers Firefox extension information from the system. This data is essential for forensic investigations and incident response.

Data Collected

This collector gathers structured data about Firefox extensions.

Firefox Extensions Data

| Field | Description | Example |
| --- | --- | --- |
| ID | ID | 1 |
| ExtensionID | Extension ID | Example value |
| SyncGUID | Sync GUID | Example value |
| Version | Version | 1.0.0 |
| Username | Username | Example Name |
| Type | "extension" or "theme" | Example value |
| Name | Name | Example Name |
| Description | Description | Example value |
| Visible | Visible | true |
| Active | Active | true |
| UserDisabled | User Disabled | true |
| AppDisabled | App Disabled | true |
| Path | Path | /path/to/file |
| DefaultLocale | Default Locale | Example value |
| Hidden | Hidden | true |
| InstallTelemetryInfo | Install Telemetry Info | Example value |
| Location | Location | Example value |
| ManifestVersion | Manifest Version | 1.0.0 |
| OptionsURL | Options URL | Example value |
| OptionsType | Options Type | Example value |
| SourceURI | Source URI | Example value |
| SignedState | Signed State | Example value |
| SignedStateDesc | Signed State Desc | Example value |
| Incognito | Incognito | Example value |
| UserPermissions | User Permissions | Example value |
| OptionalPermissions | Optional Permissions | Example value |
| InstallDate | Install Date | 2023-10-15 14:30:25 |
| UpdateDate | Update Date | 2023-10-15 14:30:25 |
| SignedDate | Signed Date | 2023-10-15 14:30:25 |

Collection Method

This collector queries the fext table via osquery and parses the results into structured data.

Usage

This evidence is crucial for forensic investigations as it provides insights into system activity, user behavior, and potential security incidents.
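One way to triage the parsed records during an investigation, as an added example that is not the collector's own code. The field names come from the table above. The value encodings (numeric SignedState, Firefox install-location names in Location, a store URL in SourceURI, permissions serialised as text) are assumptions, as are the `triage` and `as_bool` helpers and the constructed sample records.

```python
from urllib.parse import urlparse

# Assumption: SignedState is Firefox's numeric signedState (2 signed, 3 system, 4 privileged).
TRUSTED_SIGNED_STATES = {2, 3, 4}
# Assumption: add-on store installs carry a SourceURI on addons.mozilla.org.
STORE_HOSTS = {"addons.mozilla.org"}
# Assumption: Location uses Firefox install-location names; these two ship with the browser.
BUILTIN_LOCATIONS = {"app-builtin", "app-system-defaults"}
BROAD_PERMISSIONS = ("<all_urls>", "nativeMessaging", "proxy", "webRequest", "cookies")

def as_bool(value):
    """Accept real booleans or the 'true'/'false' strings shown in the table."""
    return str(value).strip().lower() == "true"

def triage(record):
    """Return the reasons one parsed extension record deserves analyst review."""
    if record.get("Type") != "extension" or not as_bool(record.get("Active")):
        return []  # themes and disabled add-ons are not running code
    if record.get("Location") in BUILTIN_LOCATIONS:
        return []  # shipped with the browser, reviewed separately if needed
    reasons = []
    try:
        state = int(record.get("SignedState"))
    except (TypeError, ValueError):
        state = None  # empty or non-numeric value: treat as not trusted
    if state not in TRUSTED_SIGNED_STATES:
        reasons.append("signature-not-trusted")
    if urlparse(record.get("SourceURI") or "").hostname not in STORE_HOSTS:
        reasons.append("non-store-source")
    if as_bool(record.get("Hidden")) or not as_bool(record.get("Visible")):
        reasons.append("hidden-from-addon-manager")
    # Substring match keeps this independent of how the permission list is serialised.
    granted = str(record.get("UserPermissions") or "")
    reasons += ["broad-permission:" + p for p in BROAD_PERMISSIONS if p in granted]
    return reasons

# Constructed sample records (not real evidence), using the field names above.
SAMPLE = [
    {"Name": "Store Add-on", "Type": "extension", "Active": "true", "Visible": "true",
     "Hidden": "false", "Location": "app-profile", "SignedState": "2",
     "SourceURI": "https://addons.mozilla.org/firefox/downloads/file/0/example.xpi",
     "UserPermissions": "storage"},
    {"Name": "Sideloaded Helper", "Type": "extension", "Active": "true", "Visible": "false",
     "Hidden": "true", "Location": "app-profile", "SignedState": "0",
     "SourceURI": "", "UserPermissions": "<all_urls>, webRequest, cookies"},
]

if __name__ == "__main__":
    for rec in SAMPLE:
        print(rec["Name"], triage(rec))
```

Adjust the trusted states, store hosts and permission list to match the values your collection actually contains before relying on the output.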

Notes

This data may contain sensitive information that should be handled according to data protection requirements. Ensure proper chain of custody is maintained during collection and analysis.
