Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Package proposal: chrome.extensions.vm #846

Closed
Ana06 opened this issue Jan 19, 2024 · 2 comments · Fixed by #1139
Closed

Package proposal: chrome.extensions.vm #846

Ana06 opened this issue Jan 19, 2024 · 2 comments · Fixed by #1139
Assignees
Labels
❔ discussion Further discussion is needed 🆕 package New package request/idea/PR

Comments

@Ana06
Copy link
Member

Ana06 commented Jan 19, 2024

Details

For dynamic analysis/debugging of credentials stealers, I find it useful to have some Chrome extensions installed like crypto wallets and password managers. What about installing some of the common ones in a new chrome.extensions.vm package? Ideally they should be configured with a testing/fake wallet (or password database) to ensure the credentials stealers find something to steal.

I suggest starting with the following popular crypto wallet extensions that I have seen recently in crypto wallet stealers:

We could also consider:

@vm-packages what do you think? Any other extensions that you would like to have installed?

@Ana06 Ana06 added ❔ discussion Further discussion is needed 🆕 package New package request/idea/PR labels Jan 19, 2024
@mr-tz
Copy link
Contributor

mr-tz commented Jan 19, 2024

Seems too niche to me to spend a lot of time on creating this. If it's easy to add extensions though, ok.

@Ana06
Copy link
Member Author

Ana06 commented Jan 22, 2024

I don't think we need a lot of time. I think installing extension is easy, it is likely just:

  1. Download the extension .zip or .crx
  2. run chrome using the --load-extension argument.

Configuring the extensions to include test databases/wallets may be a bit more of work. But having the extensions installed without test data would be already good. We could start with the extensions that are easier.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
❔ discussion Further discussion is needed 🆕 package New package request/idea/PR
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants