Neto is a tool which is used to analyze browser extensions

Tool description

Neto is a tool which is used to analyze browser extensions. It is a complete suite (also extensible with its own plugins) for the analysis of extensions; it is easy to use and provides useful information about extension features of both Firefox and Chrome or Opera.

The file analysis which makes up an extension can reveal the existence of files that should not be present in production applications. These may include files linked to the management of versions such as GIT or other temporary and backup files. Of course, there are also extensions which are created as malware, adware or to spy on the user. There are many and various examples, especially recently within Chrome and Firefox. At the moment it is also quite common to find extensions for mining cryptocurrencies.


We have included two features in this first version: the analyzer itself (extendable through plugins to extend its power) and a daemon with a JSON RPC interface that will allow us to interact with the analyzer from other programming languages. On the other hand, if we are programming in Python, Neto has also been designed to function as a library.

As it is free software, there is the possibility for those who want to contribute something to it through the Github repository. The plugin structure allows the addition of new static analysis criteria whilst taking into account the analyst’s needs.

Fingerprint Checker


This is a simple script “quick and dirty” created in powershell to check for certificate fingerprints.

Latch USB Monitor


Monitors Plug ‘n Play device (PNP) changes in Windows and gives the user the possibility of tracking incoming devices, and react accordingly to a preconfigured Latch response.



CriptoClipWatcher will check if, once you have copied a cryptocurrency wallet or address into your clipboard, it is modified before you replace it from your clipboard.