Chrome Extensions
Overview
Section titled “Overview”Evidence: Chrome Extensions
Description: Collect Chrome Extensions
Category: Applications
Platform: linux
Short Name: chrext
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No
Background
Section titled “Background”Chromium-based browser extensions extend functionality and can be abused for persistence, credential theft, tracking, or data exfiltration. Manifest metadata and permissions offer insight into capabilities and risk.
Data Collected
Section titled “Data Collected”This collector gathers structured data about chrome extensions.
Collection Method
Section titled “Collection Method”This collector discovers profile Preference files, parses extension configuration, locates each extension’s manifest.json, copies artifacts to case content, and normalizes extension metadata (permissions, version, author, install time).
Forensic Value
Section titled “Forensic Value”Extension inventories help identify malicious or risky add-ons, correlate with browser activity, and detect persistence mechanisms. Permissions and update URLs aid threat hunting and attribution.