Static analysis CLI for Chrome Extension (.crx) packages. Parses CRX2/CRX3, scores permissions, detects Chrome Debugger Protocol abuse, embedded secrets, and produces a malicious/suspicious/clean risk verdict.

Analyzes AWS IAM JSON policies to highlight risky permission patterns and generate least-privilege recommendations via an interactive web interface.

Self-hosted FastAPI service for syncing Chrome extension metadata, CRX artifacts, manifests, icons, and permission analysis into Simprint.