Back to home

Compare

Browser extension triage: how the tools compare

EDR, XDR, and browser-management platforms all inventory or score extensions. None of them read the code and run it to return a verdict. Here's where each one stops, and where behavioural analysis begins.

What separates these tools from behavioural analysis

Every tool on this page scores extensions from static signals - the permissions they declare, publisher reputation, known-CVE scans, AI code-reading, or telemetry from an agent on real machines. None of them publicly documents actually detonating the extension: loading it into an instrumented browser, driving it against live sites, and capturing the network calls, DOM changes and messages its code really produces. That behavioural evidence is what Am I Being Pwned is built on - the difference between “this asked for risky permissions” and “this sent your session cookies to an unknown endpoint on every page load.”