I built a free Chrome extension security scanner, now Fortune 500 teams use it

2•jensec•2h ago
Built this to speed up my own bug bounty workflow. Got tired of manually pulling apart .crx files to check what permissions extensions were asking for and why.

Paste a Chrome Web Store URL, it analyzes the extension and flags sketchy stuff. Added an LLM layer that catches things grep can't.

Made it free, mass awareness helps find more vulns. 20k+ people use it now, then random enterprise security teams started showing up. Still wrapping my head around that one.

https://crxplorer.com

Feedback welcome.

Comments

efortis•1h ago
Scanned mine:

https://crxplorer.com?extensionId=babjpljmacbefcmlomjedmgmke...

It's getting a 20% safety score on CSP, saying:

> The complete absence of a Content Security Policy (CSP) is a critical security vulnerability…

But absence means that it uses the default, which is fine in my case:

https://developer.chrome.com/docs/extensions/reference/manif...

---

And 65% on permissions (it uses "download"), and it says:

> …its necessity is unclear without an overview of the extension’s specific purpose.

But its purpose is stated.
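
The CSP point in the comment above, as an added example (not part of the thread and not crxplorer's code): a manifest check that resolves the effective policy first, so a missing `content_security_policy` key is scored against the Manifest V3 default for extension pages rather than as "no policy". The function names, the `WEAK_SOURCES` list and both sample manifests are assumptions made for illustration; only Manifest V3 is handled.

```python
import json

# Default Chrome applies to Manifest V3 extension pages when the manifest has
# no "content_security_policy" key (value as given in Chrome's manifest docs).
MV3_DEFAULT_EXTENSION_PAGES = "script-src 'self'; object-src 'self';"

# Sources that loosen script loading compared with the default (assumed list).
WEAK_SOURCES = {"'unsafe-eval'", "'unsafe-inline'", "*", "http:", "https:", "data:"}

def parse_csp(policy):
    """Split a CSP string into {directive: [source, ...]}; first one wins."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives

def effective_csp(manifest):
    """Return (policy, declared) for the extension pages of an MV3 manifest."""
    csp = manifest.get("content_security_policy")
    if isinstance(csp, dict) and csp.get("extension_pages"):
        return csp["extension_pages"], True
    return MV3_DEFAULT_EXTENSION_PAGES, False

def audit_csp(manifest):
    """Flag only policies that weaken script-src; absence is not a finding."""
    policy, declared = effective_csp(manifest)
    directives = parse_csp(policy)
    script_src = directives.get("script-src", directives.get("default-src"))
    findings = []
    if script_src is None:
        findings.append("no script-src or default-src directive")
    else:
        findings += [f"script-src allows {s}" for s in script_src
                     if s.lower() in WEAK_SOURCES]
    return {"declared": declared, "policy": policy, "findings": findings}

# Constructed sample manifests (not taken from any real extension).
NO_CSP = json.loads('{"manifest_version": 3, "name": "sample-a", "version": "1.0"}')
WEAK_CSP = json.loads("""{"manifest_version": 3, "name": "sample-b", "version": "1.0",
  "content_security_policy":
    {"extension_pages": "script-src 'self' 'unsafe-eval'; object-src 'self'"}}""")

if __name__ == "__main__":
    for m in (NO_CSP, WEAK_CSP):
        print(m["name"], audit_csp(m))
```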
