Active 2025-01-15

CRXMiner

Chrome Extension Security API - AI-powered threat detection for 10,000+ Chrome extensions. Analyze extensions for security risks, malicious behavior, and privacy concerns.

chrome-extensions security-api ai threat-detection browser-security
View on GitHub Documentation Live Demo
Quickstart
Get started instantly
curl -H "Authorization: Bearer crx_your_api_key" "https://crx.michaelhaag.org/api/v1/extensions/{extension_id}"

⚠ The Problem

Chrome extensions can pose significant security risks - they run in your browser context and can access sensitive data including banking information, credentials, and personal data. Organizations need a way to assess extension risk at scale, but manual analysis is time-consuming and inconsistent.

βœ“ The Solution

CRXMiner provides a high-performance REST API for analyzing Chrome extensions at scale. Built on the excellent CRXaminer toolkit by Mark Carney, it adds AI-powered analysis, continuous scanning of 10,000+ extensions, and a simple API for integration into security workflows.

⚑ Impact

Enables security teams to programmatically assess Chrome extension risk across their organization. Free tier provides 1,000 requests/day, making enterprise-grade extension security accessible to everyone.

Overview

CRXMiner is a production Chrome extension security API that scans 10,000+ extensions continuously, providing AI-powered risk analysis through a simple REST API.

Built on top of the amazing CRXaminer project by Mark Carney, CRXMiner adds:

  • High-performance API layer
  • AI-powered threat analysis with Claude
  • Continuous scanning infrastructure
  • Supabase-backed data storage
  • Real-time risk scoring

Key Features

πŸ€– AI-Powered Analysis

Claude AI analyzes extensions for:

  • Sophisticated threat patterns
  • Privacy concerns
  • Suspicious behavior
  • Contextual risk assessment

πŸ“Š Risk Scoring

Each extension receives:

  • Risk Level: Low, Medium, High, Critical
  • Risk Score: 0-100 numerical rating
  • Detailed Analysis: Specific concerns identified
  • Recommendations: Actionable security guidance

πŸ” Deep Analysis

Examines:

  • Requested permissions
  • API usage patterns
  • External connections
  • Code obfuscation
  • Data collection practices

⚑ High Performance

  • Sub-second API responses
  • Cached results for speed
  • 24/7 continuous scanning
  • 99.9% uptime

API Usage

Get Extension Analysis

curl -H "Authorization: Bearer crx_your_api_key" \
  "https://crx.michaelhaag.org/api/v1/extensions/cjpalhdlnbpafiamejdnhcphjbkeiagm"

Response Example

{
  "extension_id": "cjpalhdlnbpafiamejdnhcphjbkeiagm",
  "name": "uBlock Origin",
  "version": "1.54.0",
  "risk_level": "low",
  "risk_score": 25,
  "permissions": [
    "storage",
    "unlimitedStorage",
    "webRequest",
    "webRequestBlocking"
  ],
  "external_connections": [],
  "ai_summary": "Low risk ad blocker with appropriate permissions for functionality. No suspicious behavior detected.",
  "last_analyzed": "2025-01-15T10:30:00Z"
}

Use Cases

Enterprise Security

  • Audit employee-installed extensions
  • Block high-risk extensions via policy
  • Monitor extension inventory
  • Compliance reporting

Browser Security Research

  • Analyze extension trends
  • Identify malicious patterns
  • Track permission creep
  • Research privacy implications

Automated Workflows

  • CI/CD security checks
  • SOAR integration
  • Automated risk assessment
  • Security orchestration

Threat Intelligence

  • Track malicious extensions
  • Identify campaigns
  • Share IOCs
  • Community protection

Pricing

Free Tier

  • 1,000 requests/day
  • All features included
  • Community support
  • Perfect for individuals and small teams

Pro Tier

  • Higher rate limits
  • Priority support
  • Custom integrations
  • SLA guarantees

Built With

Frontend & API: Astro - Lightning-fast static site generation with API routes

Database: Supabase - PostgreSQL with real-time capabilities and authentication

Analysis Engine: CRXaminer - Mark Carney’s excellent Chrome extension analysis toolkit

AI Analysis: Claude AI - Contextual threat analysis and risk assessment

Credit

CRXMiner is built on the foundation of CRXaminer by Mark Carney. CRXaminer provides the core analysis capabilities, and CRXMiner adds the API layer, AI analysis, and continuous scanning infrastructure.

Huge thanks to Mark for building such a solid foundation!

Get Started

  1. Get API Key: Visit crx.michaelhaag.org
  2. Read Docs: Check the documentation
  3. Start Analyzing: Make your first API call
  4. Integrate: Add to your security workflows

API Documentation

Full API documentation available at crx.michaelhaag.org/docs

Community

Start analyzing Chrome extensions today: crx.michaelhaag.org

Start analyzing Chrome extensions

Get Started Report Issue

Related Modules

Active

MITRE ATT&CK MCP

MCP server providing AI assistants with instant access to the complete MITRE ATT&CK framework - techniques, tactics, groups, software, and mitigations.

mcp mitre-attack threat-intelligence ai +1
View Module β†’ GitHub