Get .crx Chrome Extension file and extract source code in one click

Turn any Chrome extension into white box.
Learn from code, debug and pentest it!

Hey, stranger!

🌻 Take a look at the special page Just download chrome extension!.

This article uncovers a number of extremely useful Chrome Extensions to download. There is a ton of scam on the Chrome WebStore nowadays, and I, the maker of CRX Extractor, prepared a short list of extensions people ask for most of time.

If you're specially looking for some Downloader extension, the tool that helps download content from the web, check out Top 5 Chrome Extensions You Must Try While Staying Home In 2020.

Every extension has been “extracted” into source code. I analyzed internals and guarantee that they are safe to use.

There is a stuff like dark mode and few special “downloader” extensions worth trying.

Want more? Check out my new tool base64 encode! This ultimate base64 encode and decode tool has large files support and works browser-side.

Wondering how adblock works?

Ad blocking penetration rate in U.S. grew from 24% in 2016 to 30% in 2018. Almost one third of users don't generate ad revenue for content publishers.

Go here to find out →

How to use it?

  1. Drop the .crx file into the placeholder
  2. Wait until it will be processed
  3. Click "Download" and get source code as .zip archive with all related metadata

How to get .crx Chrome Extension File?

  1. Head your browser to Chrome WebStore
  2. Find an extension you want to save, then copy a link from the address line of your browser
  3. Paste copied link to the field in the right pane and click "OK". Then click appeared button. The download will start immediately.

How CRX Extractor works?

CRX Extractor has been created with the help  of an official Google documentation describing .crx Chrome Extensions file format.

To get a Chrome Extension source code, the utility parses the provided .crx file, extracts 'magic' header and stored code signature.

Along with meta-data, the .crx file contains .zip-archive. This archive contains the extension manifest, source code, popup.html and all related source files.

Want to know more about this tool and about the .CRX file format? Check the about page!

Motivation

The problem of Chrome Extensions security is well-known. Extensions have enormous power, because they allowed to access history and cookies of your browser and even change the content of the page you look at. This opens a huge amount of vectors for fishing attacks and spyware, opening opportunities for a lot kinds of malicious code.

Attackers can track your behaviour in Internet and your geolocation as well. They can steal your Facebook account or authentication cookies for online banking site you use.

The fact that the .crx format documented doesn't make it easily to manipulate. That's why this tool was created.

If you get Chrome Extension source code from .crx, you may research it's behaviour, find a malicious code, and easily learn from code to build better user experiences and improve Chrome browser use cases and defend yourself.

Learn more

  1. Learn how to create your first Chrome Extension
    with Getting Started guide
  2. Packaging of a Chrome Extension into .crx
  3. Google Chrome Extensions: 6 Security Facts

Privacy and personal data

The service allows you to easily get Chrome Extension source code without need in using advanced tools like hex-editor, turning the extraction into an automated process. Furthemore, this tool doesn't use any server-side code and operates only on the side of a browser. It doesn't store any of your personal data, protecting your privacy and rights.

Copyrights notice

The .crx extractor itself is distributed as is, under terms of GNU GPL v3. To obtain a source code of the tool, use the GitHub link from the footer.

Please use all the data you obtain using the tool with the respect to assigned copyrights. Don't redistribute or modify obtained content if you aren't permitted to act.

Communicate

We are at the ProductHunt and Twitter! Rate us, follow us, suggest us better idea!


“Once you have a malicious extension in your Chrome browser,
you're pretty much f***ed!”

Felix Lindner, Head of Recurity Labs, photo by Die WeltFelix Lindner
Head of Recurity Labs, at BlackHat Europe