← Back to Labs

Browser Extension Attack Path

Step from install through exfiltration. Watch a single compromised extension walk from the Web Store to an attacker's server.

Web StoreBrowserExtensionWeb pageAttackerCRX3 (.zip + signature)
Step 1 / 7Install from Web Store

You click "Add to Chrome". The browser downloads a signed zip file from the Chrome Web Store and unpacks it into your profile directory.

Arrow keys to step through · R to reset

Tap dots to jump to any stage

Read the full article →Take the quiz →