Before Start
Many things said at the beginning of this site are oriented towards beginners.
You can skip them and move on to the chapters that interest you if you get bored.
Chrome extensions offer a wide range of capabilities, including:
- Interacting with individual websites
- Creating your own App
- Interacting with native system applications
- Customize the user interface
- Modify and observe the browser
Such a complex tool can generate a significant number of security-related issues, many of which will be addressed in this resource.
Basic Concepts
Before we begin, I would like to discuss some basic concepts that you may find useful while reading this resource.
Many basic things unrelated to security can be read on the official website
Chrome Extension Store
Most extensions for Google Chrome can be downloaded from the Chrome Web Store.
To view the list of extensions, go to the extensions page (chrome://extensions/) in Chrome. Here you will see a list of all installed extensions.
You can also find the settings page here - chrome://extensions. For us, the extension ID is important. It is through this ID that you will access the extension windows in the form of chrome-extension://ID/. Additionally, it allows for debugging the popup window and background script (this will be covered in the following chapters, so it's okay if you don't understand what this means yet).
You can find already downloaded extensions at the following paths:
- MacOS:
~/Library/Application Support/Google/Chrome/Default/extensions - Linux:
~/.config/google-chrome/Default/Extensions/ - Windows:
%appdata%\Local\Google\Chrome\User Data\Default\Extensions