All that glitters isn't Chrome: Hunting for suspicious browser extensions

Presented at BSidesLV 2019, Aug. 7, 2019, 5:30 p.m. (25 minutes)

Browser (Chrome) extensions can often be overlooked in an enterprise environment. They offer would-be attackers' access to all sorts of potentially sensitive information. In order to find interesting ones there are a number of tools and data analysis techniques available. Some of these tools and techniques will be covered so you can hunt through your organizations Chrome extensions in a meaningful way, and understand the risk they pose.

Presenters:

• Mike Sconzo
  Mike Sconzo has been around the Security Industry for quite some time, and is interested in creating and implementing new methods of detecting unknown and suspicious network activity as well as different approaches for file/malware analysis. This includes looking for protocol anomalies, patterns of network traffic, and various forms of static and dynamic file analysis. He works on reversing malware, tool creation for analysis, and threat intelligence. Currently a lot of his time is spent doing data exploration and tinkering with statistical analysis and machine learning to solve detection and threat intelligence related problems.

Similar Presentations:

• DerbyCon 8.0 Evolution (2018) / Offensive Browser Extension Development
• Black Hat Asia 2016 / Automated Detection of Firefox Extension-Reuse Vulnerabilities
• DEF CON 29 (2021) / Extension-Land: exploits and rootkits in your browser extensions