Here’s a list of 4 vulnerability checker extensions for Chrome that you can use to check whether your websites are free of major security misconfigurations, bugs or exploits that people might use to bring them down. You can never be completely safe, but it doesn’t hurt to scan your website for some of the better-known threats, which can hurt you as a website owner and also your visitors if someone attacks your website and installs malware there.
The following extensions are going to check your websites and warn you if there’s something wrong with them.
Bishop Vulnerability Scanner
Bishop Vulnerability Scanner lets you set up your own vulnerability scan rules, but by default the extension comes with a few pre-configured ones that can help you find the more common exploits on websites.
Web page scanning is not turned on by default. You will have to open the extension settings, set up the website that you want analyzed there, and also add your own rules. The extension works by scanning URLs and detecting holes in content management systems installed on websites (WordPress, Joomla, etc.) or in other systems like GitHub.
HackTab Web Security Tests
HackTab Web Security Tests checks websites for 4 types of problems: MySQL injection, MSSQL injection, local file include vulnerabilities and possible exploits caused by cross-site scripting (XSS).
This extension also doesn’t work right away: you need to set up the domains that you want scanned by clicking on the icon in the top right corner. Regular expressions are used to match the domains that you want scanned. Using the configuration drop-down in the top right corner, you can also select which problems the extension will look for.
Also, have a look at Web Securify: Free Website Security Testing Environment.
PunkSPIDER
PunkSPIDER is a popular vulnerability scanner which covers a wide range of problems that can affect websites. This extension puts the PunkSPIDER scanner in Chrome’s background, so that it performs scans continuously for every website that you visit.
The extension will only pop up warnings if it finds problems with the website. A warning icon shows up in the address bar, all the way to the right. Clicking on the icon gives you a more detailed report on what kind of errors are present. PunkSPIDER checks for BSQLI, SQLI, XSS, TRACV, MXI, OSCI and XPATHI related problems and exploits on the web pages you visit.
Stopbleed
The last vulnerability checker extension that I’m going to recommend helps you detect websites which still haven’t patched the famous Heartbleed bug, which allows third parties to spy on you even when you’re on a page that uses SSL encryption.
The extension adds itself to the top right corner of the screen. Websites are checked automatically, as soon as you visit them. If the bug was fixed, the icon is going to be green; if not, the little heart is going to be red and oozing blood.
Also, have a look at How To Check Websites and Android Apps for Heartbleed Vulnerability?
Out of the 4 vulnerability checker extensions on the list above, the one I liked, and which seems to offer the most, is PunkSPIDER, although the others aren’t bad either, depending on what your needs are. Check out Stopbleed as well if you’re worried about your safety on other websites, not just the safety of your own websites.