❗ The owner and contributors are NOT RESPONSIBLE in any shape or form for any damage inflicted by the negligent use of samples stored in the repository, users must take necessary precautions prior to executing the samples.
This repository consolidates malicious browser extensions identified through:
- Independent security research
- Public incident disclosures
- Security blogs and threat intelligence reports
- Verified media investigations
All CRX samples collected here are used to train and evaluate the AI detection engine behind ExterminAI. The objective is to centralize fragmented research into a structured dataset for analysis and model development.
This dataset enables:
- Static analysis of malicious extension code
- Permission abuse pattern analysis
- Study of obfuscation and payload injection techniques
- Behavioral modeling for detection systems
- Benchmarking AI-based classification models
The IDs of the browser extensions found in this database are retrivered by news articles realted to Malicious Browser Extensions such as:
- https://thehackernews.com/
- https://layerxsecurity.com/
- https://securelist.com/
- https://www.bleepingcomputer.com/
- Blogs and many more.
All automatically done using n8n
This repository contains malicious software samples. They are provided strictly for:
- Research
- Detection model development
- Educational analysis
Do not install these extensions in a production browser environment. Use isolated VMs or sandboxed analysis environments only.
🔐 Legal & Ethical Notice
All samples originate from publicly reported malicious extensions.
This repository does not redistribute proprietary software for exploitation purposes. It exists solely for defensive cybersecurity research.
More about me: https://buio.me/ ⭐ if you like it and share it with others to spread awarness of malicious browser extensions.