08/05/18. Version 0.5
Neto is a tool which is used to analyze browser extensions. It is a complete suite (also extensible with its own plugins) for the analysis of extensions; it is easy to use and provides useful information about extension features of both Firefox and Chrome or Opera.
The file analysis which makes up an extension can reveal the existence of files that should not be present in production applications. These may include files linked to the management of versions such as GIT or other temporary and backup files. Of course, there are also extensions which are created as malware, adware or to spy on the user. There are many and various examples, especially recently within Chrome and Firefox. At the moment it is also quite common to find extensions for mining cryptocurrencies.
We have included two features in this first version: the analyzer itself (extendable through plugins to extend its power) and a daemon with a JSON RPC interface that will allow us to interact with the analyzer from other programming languages. On the other hand, if we are programming in Python, Neto has also been designed to function as a library.
As it is free software, there is the possibility for those who want to contribute something to it through the Github repository. The plugin structure allows the addition of new static analysis criteria whilst taking into account the analyst’s needs.