Edge Extensions

Overview

Evidence: Edge Extensions
Description: Collect Edge Extensions
Category: Applications
Platform: macos
Short Name: eext
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No

Background

Browser extensions enhance browser functionality but can pose significant security risks. Malicious extensions can steal credentials, inject ads, track browsing activity, exfiltrate data, and modify web content. Understanding installed extensions is crucial for detecting browser-based attacks and unauthorized access.

Data Collected

This collector gathers structured data about edge extensions.

Collection Method

This collector queries the browser’s Extensions database or manifest files to extract installed extension information including names, IDs, versions, permissions, and installation sources.

Forensic Value

Browser extensions provide insight into potential compromise vectors and data exfiltration paths. Malicious or suspicious extensions may indicate phishing attacks, credential theft, adware infections, or privacy violations. This evidence helps identify attack entry points, persistence mechanisms, and unauthorized browser modifications.