all InfoSec news
Chrowned by an Extension: Abusing the Chrome DevTools Protocol through the Debugger API. (arXiv:2305.11506v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
The Chromium open-source project has become a fundamental piece of the Web as
we know it today, with multiple vendors offering browsers based on its
codebase. One of its most popular features is the possibility of altering or
enhancing the browser functionality through third-party programs known as
browser extensions. Extensions have access to a wide range of capabilities
through the use of APIs exposed by Chromium. The Debugger API -- arguably the
most powerful of such APIs -- allows extensions …
abusing api browser browsers chrome chromium codebase debugger extension features party piece popular project protocol the web third third-party vendors web