Browser extension security monitor – real‑time alerts, malicious domain blocking, and full control over your extensions.
Imagine a browser extension that looks harmless – a theme changer, a coupon finder, or a PDF tool. But hidden inside, it reads your cookies, steals your session tokens, and sends them to a remote server. Without you ever knowing, an attacker can hijack your logged‑in sessions (email, social media, banking). This is not theory – it’s a real attack that has happened thousands of times.
Example: You install a “Tab Manager” extension. It works fine. But in the background, it captures your sessionid cookie from your bank’s website and sends it to evil.com. The attacker then uses that cookie to log in as you.
KNAYH solves this by monitoring every extension’s behaviour in real time. If an extension tries to send cookies or passwords to an unknown domain, KNAYH alerts you and blocks the request. You stay in control.
| Feature | What it does |
|---|---|
| 🚨 Real‑time alerts | Notifies you instantly when an extension uses high‑risk permissions or tries to exfiltrate data. |
| 🛑 Malicious domain blocking | Stops communication with known malicious sites using an updatable blocklist. |
| 📋 Extension inventory | Lists all installed extensions with risk badges (High / Low). |
| ⚙️ Three‑dot menu | Disable, uninstall, or view permissions of any extension directly from the popup. |
| 🔍 Credential theft detection | Monitors network requests for passwords, cookies, or tokens. |
| 🧾 Permission auditor | Flags dangerous permissions like cookies, webRequest, <all_urls>. |
- Download the latest
knayh.zipfrom the Releases page and extract it. - Open Chrome / Edge / Brave and go to
chrome://extensions. - Enable Developer mode (top‑right toggle).
- Click Load unpacked and select the extracted
knayhfolder. - The KNAYH icon appears in your toolbar – click it to start.
| Permission | Purpose |
|---|---|
management |
List, disable, and uninstall other extensions. |
webRequest |
Monitor network for credential theft. |
declarativeNetRequest |
Block malicious domains (no webRequestBlocking). |
storage |
Save settings and alert history. |
notifications |
Show desktop alerts. |
tabs / scripting |
Detect script injections on sensitive sites. |
KNAYH never collects personal data. Optional community feed shares only anonymised threat indicators.
KNAYH helps identify suspicious extension behaviour and blocks known malicious domains.
It does not guarantee 100% security. You remain responsible for your own actions.
If an extension causes harm despite monitoring, KNAYH and its author are not liable.
If KNAYH helps you stay safer, please give this repository a star ⭐ – it takes ten seconds and means a lot.
Thank you! 🙏
MIT – TnYtCoder