Hot Take [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Comparison between browser extensions

Test 29/12
Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings


Test 24/11
Q&A - [Updated 24/11/2018] Browser extension comparison: Malwares and Phishings


Test 12/11
Q&A - [Updated 12/11/2018] Browser extension comparison: Malwares and Phishings


Test 7/11
Q&A - [Updated 7/11/2018] Browser extension comparison: Malwares and Phishings


Test 6/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 3/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 2/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Test, quick 1/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Fun test 25/7/2018
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 24/7/2018 (most comprehensive, as possible)
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 19/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 18/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 10/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 7/6/2018
Q&A - [Updated 7/6/2018] Browser extension comparison: Malwares and Phishings


Updated 3/6/2018
Q&A - [Updated 3/6/18] Browser extension comparison: Malwares and Phishings


Updated 25/4/2018
Poll - [Updated 25/4/18] Browser extension comparison: Malwares and Phishings


Update: 23/3/2018
Poll - [Updated 23/3/18] Browser extension comparison: Malwares and Phishings



Browser: Google Chrome 65 x64
Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
Total: 50 links
Extensions: recently downloaded from Chrome Web Store
- Google Safe Browsing (built-in chrome's protection)
- AdGuard AdBlocker: default settings, uses Google Safe Browsing (delayed) and their own database
- Avira browser safety: default settings
- Norton Safe Web: default settings
- Bitdefender Trafficlight: default settings, it rarely blocks any malware links, just old ones
- Avast Online Security: default settings, only has phishing protection, expected to score 0 against malwares
- Netcraft Extension: default settings, only has phishing protection, expected to score 0 against malwares
- uBlock Origin with some additional filters

NOTE: the result can vary from day-to-day. Tomorrow with different links, the result can be very different. All are live links but they can be dead a few minutes after the test. No duplication

Results:
result.png


Winner: Google Safe Browsing
 
Last edited:

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,414
Hi @Evjl's Rain, and everybody else,

quick question, if a adblock filter shows "0 used out of 195,646" which is what my Energized Blu Protection is saying, or "21 used out of 107,788" which is what my adguard base filter/AdGuard English Filter is saying, does that mean all hosts/links within that filter have been covered by something else?

Thanks
Yes, you're correct. They are covered by one of the other filters. So no need to use those 2.
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Hi @Evjl's Rain, and everybody else,

quick question, if a adblock filter shows "0 used out of 195,646" which is what my Energized Blu Protection is saying, or "21 used out of 107,788" which is what my adguard base filter/AdGuard English Filter is saying, does that mean all hosts/links within that filter have been covered by something else?

Thanks
energized basic already contains all sources of Blu so you don't need to add blue
Capture.PNG

also, stevenblack contains a lot of sources including peter lowe
about adguard,I guess you also check Easylist and adguard base filter that your screenshot doesn't show so when you add adguard base filter you highlighted, it will show close to zero
 

JiSingh12

Level 3
Verified
Sep 1, 2018
136
energized basic already contains all sources of Blu
View attachment 203890
stevenblack contains a lot of sources including peter lowe
I guess you also check Easylist and adguard base filter

HI :)

The github page I visited didn't show that table, it was a different table that didn't say basic included blu, so might have been an older version, but thanks :)

No wonder Stevenblack isn't using many sources, I thought it did have something to do with one of the pre included filters.

Yeah I read adguard English filter includes easylist so that's why, just thought maybe there could be extras :p

Thanks then.
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Just use the Blu Basic, More than neouhg adequate filters on there which can be twinned with other filter lists as well to make for a well rounded adblocking experience.

~LDogg
 
  • Like
Reactions: kylprq

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,414
here you are :)
tested with 10 different live vxvault links

chrome 9/10
avira 5/10
emsisoft 0/10
malwarebytes 9/10
Norton 4/10
comodo 1/10
bitdefender 10/10
WDBP 10/10
squidblacklist 4/10
Can you include the tested links?
Would like to test them against Kapsersky.
 
Last edited:

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Can you included the tested link?
Would like to test them against Kapsersky.
these are vxvault links. Kaspersky should block them all. They are not fresh
easiest test ever

Code:
http://185.118.166.205:4577/vid.exe
http://209.141.35.236/svchost.exe
http://91.243.82.203/1/1.exe
http://apkupdatessl.co/Off1cc34dvnc3.exe
http://cdn.discordapp.com/attachments/522281428038320155/522615269819023360/ROBLOXHACK.bat
http://chansfound.com/bin/rig.exe
http://draven.ru/stub.exe
http://goodplacejeep.ru/shimato/msconm.exe
http://ostappnp.myjino.ru/reg.exe
http://winupdate.ga/winupdate.exe
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,414
these are vxvault links. Kaspersky should block them all. They are not fresh
easiest test ever

Code:
http://185.118.166.205:4577/vid.exe
http://209.141.35.236/svchost.exe
http://91.243.82.203/1/1.exe
http://apkupdatessl.co/Off1cc34dvnc3.exe
http://cdn.discordapp.com/attachments/522281428038320155/522615269819023360/ROBLOXHACK.bat
http://chansfound.com/bin/rig.exe
http://draven.ru/stub.exe
http://goodplacejeep.ru/shimato/msconm.exe
http://ostappnp.myjino.ru/reg.exe
http://winupdate.ga/winupdate.exe
And Kaspersky blocks them all.
Thanks (y)
 

goodjohnjr

Level 5
Verified
Jul 11, 2018
231
According to Fabian Wosar the Emsisoft Browser Security extension has been updated :

We released an update to the extension today. The following things changed:
During downloads, we now check the URL the file is being downloaded from and block the download if the source is considered malicious
When submitting a URL, the user now gets a confirmation message and is prevented from submitting the same URL again for the rest of the browser session
You can no longer report browser-internal pages like chrome://version or about:config anymore.
Current status of the extension is now reflected in the icon (coloured icon if protection is on, monochrome when turned off)
The Firefox version is already updated. Chrome is taking a while with their review but should show up in the next couple of days.

So it might be worth running another test of it real quick.

Thank you,

-John Jr
 
  • Like
Reactions: Gandalf_The_Grey

goodjohnjr

Level 5
Verified
Jul 11, 2018
231
here you are :)
tested with 10 different live vxvault links

chrome 9/10
avira 5/10
emsisoft 0/10
malwarebytes 9/10
Norton 4/10
comodo 1/10
bitdefender 10/10
WDBP 10/10
squidblacklist 4/10

Thank you for another test Evjl's Rain.

I am surprised by how well WDBP (Windows Defender Browser Protection) has done in your last two tests, even defeating the Malwarebytes extension; I wonder if it finally has equal detection to Microsoft Edge and I wonder if they will continue developing it now that Microsoft will be switching browser engines eventually?

-John Jr
 

tsunami

Level 3
Verified
Well-known
Jul 10, 2018
131
Thank you for another test Evjl's Rain.

I am surprised by how well WDBP (Windows Defender Browser Protection) has done in your last two tests, even defeating the Malwarebytes extension; I wonder if it finally has equal detection to Microsoft Edge and I wonder if they will continue developing it now that Microsoft will be switching browser engines eventually?

-John Jr

They should, that would give them more coverage for non edge chromium browsers.
 

goodjohnjr

Level 5
Verified
Jul 11, 2018
231
Imagine Chromium Edge having Smartscreen & Google Safebrowsing. Chrome Web Store is said to be supported, so likely Google Safebrowsing will be part of Chromium Edge as well.

Hello Enemyofarsenic,

That is what I am hoping for, then maybe Chrome will finally have some more competition, and maybe I can finally use Microsoft's new browser instead (especially if it has a permanent private mode option like Firefox or settings to clear data on browser exit like the current Edge has).

-John Jr
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Thank you for another test Evjl's Rain.

I am surprised by how well WDBP (Windows Defender Browser Protection) has done in your last two tests, even defeating the Malwarebytes extension; I wonder if it finally has equal detection to Microsoft Edge and I wonder if they will continue developing it now that Microsoft will be switching browser engines eventually?

-John Jr
no, WDBP is the same as edge's smartscreen and it will never be the same. I guess due to the browser's restriction
I believe the new edge will use smartscreen only, and they will still support for chrome
chrome has many more users => improve edge detection
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top