Hot Take [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Comparison between browser extensions

Test 29/12
Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings


Test 24/11
Q&A - [Updated 24/11/2018] Browser extension comparison: Malwares and Phishings


Test 12/11
Q&A - [Updated 12/11/2018] Browser extension comparison: Malwares and Phishings


Test 7/11
Q&A - [Updated 7/11/2018] Browser extension comparison: Malwares and Phishings


Test 6/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 3/9
Q&A - [Updated 3/9/2018] Browser extension comparison: Malwares and Phishings


Test 2/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Test, quick 1/9
Q&A - [Updated 25/7/2018] Browser extension comparison: Malwares and Phishings


Fun test 25/7/2018
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 24/7/2018 (most comprehensive, as possible)
Q&A - [Updated 24/7/2018] Browser extension comparison: Malwares and Phishings


Updated 19/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 18/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 10/7/2018
Q&A - [Updated 10/7/2018] Browser extension comparison: Malwares and Phishings


Updated 7/6/2018
Q&A - [Updated 7/6/2018] Browser extension comparison: Malwares and Phishings


Updated 3/6/2018
Q&A - [Updated 3/6/18] Browser extension comparison: Malwares and Phishings


Updated 25/4/2018
Poll - [Updated 25/4/18] Browser extension comparison: Malwares and Phishings


Update: 23/3/2018
Poll - [Updated 23/3/18] Browser extension comparison: Malwares and Phishings



Browser: Google Chrome 65 x64
Malware and phishing links: 10 malc0de, 10 vxvault, 10 openphish, 10 verified phishtank, 10 unverified phishtank
Total: 50 links
Extensions: recently downloaded from Chrome Web Store
- Google Safe Browsing (built-in chrome's protection)
- AdGuard AdBlocker: default settings, uses Google Safe Browsing (delayed) and their own database
- Avira browser safety: default settings
- Norton Safe Web: default settings
- Bitdefender Trafficlight: default settings, it rarely blocks any malware links, just old ones
- Avast Online Security: default settings, only has phishing protection, expected to score 0 against malwares
- Netcraft Extension: default settings, only has phishing protection, expected to score 0 against malwares
- uBlock Origin with some additional filters

NOTE: the result can vary from day-to-day. Tomorrow with different links, the result can be very different. All are live links but they can be dead a few minutes after the test. No duplication

Results:
result.png


Winner: Google Safe Browsing
 
Last edited:

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,731
My favourite combo is CleanBrowsing DNS + Blocksi Web Filter (set to warn unrated websites too)
Does clean browsing perform fairly well with CDNs and not have resolution problems?

Edit: remembering my resolution issue with them was the timeout they had on DNS over TLS before. It was too short and would fail 1 in every 20 or so resolutions.
 

imuade

Level 12
Verified
Top Poster
Well-known
Jul 29, 2018
566
Does clean browsing perform fairly well with CDNs and not have resolution problems?

Edit: remembering my resolution issue with them was the timeout they had on DNS over TLS before. It was too short and would fail 1 in every 20 or so resolutions.
Not sure if I have understood correctly your question.
Before I used CleanBrowsing DNS on DNScrypt and I didn't have any issue
 

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
Does clean browsing perform fairly well with CDNs and not have resolution problems?
It happens to me sometimes, I have DNS Cache disabled, so I guess they have some limit for the number of DNS requests, but F5 usually fixes it.
 

Attachments

  • Untitled.jpg
    Untitled.jpg
    110.1 KB · Views: 328
  • capture_06172019_184327.jpg
    capture_06172019_184327.jpg
    307.8 KB · Views: 411

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,731
Not sure if I have understood correctly your question.
Before I used CleanBrowsing DNS on DNScrypt and I didn't have any issue

I worded my question poorly (sleep deprivation). My biggest curiosity is if cleanbrowsing has any problems with CDNs/streaming services routing to far away servers. Second question has more to do with DoT, which I think is just a problem with timeouts set on their end. Quad9 had the same problem. Cloudflare is much more forgiving in their timeouts.

It happens to me sometimes, I have DNS Cache disabled, so I guess they have some limit for the number of DNS requests, but F5 usually fixes it.
I had this same issue with Quad9 and DoT.
 

imuade

Level 12
Verified
Top Poster
Well-known
Jul 29, 2018
566
I worded my question poorly (sleep deprivation). My biggest curiosity is if cleanbrowsing has any problems with CDNs/streaming services routing to far away servers. Second question has more to do with DoT, which I think is just a problem with timeouts set on their end. Quad9 had the same problem. Cloudflare is much more forgiving in their timeouts.


I had this same issue with Quad9 and DoT.
Sometimes I watch sports on streaming and I have never experienced any issue :)
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
232
Chrome+WDBP 18/20
chrome+WDBP+BDTL 20/20 => my recommended combo worked perfectly
How about Chrome+MBBE+BDTL?
Or Chrome+MBBE+WDBP?
Just curious to see how they stack up. I see the sense in your recommended combo: WDBP shouldn't be going anywhere so long as MS is around, and Bitdefender is about the most popular AV in the business; I've used BDTL longer than the rest. But I'm also interested in the viability of a signature-less extension like MBBE. BDTL has cloud analysis as well as signatures, which is great as long as they have paying customers.
 
Last edited:

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
How about Chrome+MBBE+BDTL?
Or Chrome+MBBE+WDBP?
Just curious to see how they stack up. I see the sense in your recommended combo: WDBP shouldn't be going anywhere so long as MS is around, and Bitdefender is about the most popular AV in the business; I've used BDTL longer than the rest. But I'm also interested in the viability of a signature-less extension like MBBE. BDTL has cloud analysis as well as signatures, which is great as long as they have paying customers.
MBBE is good bur the problems are it consumes a lot of CPU as long as you interact with your browser (scrolling, clicking,...) and it has quite a lot of FPs
WDBP doesn't have these issues because WDBP and BDTL only check a website once after it finishes loading and doesn't check anything else until visit another link (same or different domain)

moreover, since the release of chromium Edge, more and more users are switching => better database, better protection for WDBP and smartscreen

although WDBP can be weaker than malwarebytes, I still use it for performance purpose
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
232
MBBE is good bur the problems are it consumes a lot of CPU as long as you interact with your browser (scrolling, clicking,...) and it has quite a lot of FPs
WDBP doesn't have these issues because WDBP and BDTL only check a website once after it finishes loading and doesn't check anything else until visit another link (same or different domain)

moreover, since the release of chromium Edge, more and more users are switching => better database, better protection for WDBP and smartscreen

although WDBP can be weaker than malwarebytes, I still use it for performance purpose
Yeah. I'm kind of on the fence about the FPs. While it is CPU-heavy, it gives me a little sense of security when I think of somebody releasing an ItW exploit for Spectre. I once watched a rogue page open 10 new tabs, I blinked, and all ten tabs had the Malwarebytes logo when I opened my eyes. I'm not saying half a second figuratively, I'm saying half a second literally. I'd love it if someone can give me a signature-less extension that produces fewer FPs while still delivering the results. Anyway, I appreciate the info and your hard work. Thank you!
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
Tested the 20 malware links from @Evjl's Rain with Windows Defender and MS Edge Dev:
SmartScreen on Edge blocked 3/20
Downloads were blocked by Edge 16/20
Only the zip file went through.
Tested the 32 phishing links from @Evjl's Rain with Windows Defender and MS Edge Dev:
SmartScreen on Edge blocked 26/32
It annoys me that the zip file went trough.
I submitted the file to Microsoft and they haven't done anything with it yet.
Still undetected by Windows Defender...
Thinking of going back to Kaspersky Security Cloud Free (together with Hard Configurator of course) :unsure:
 

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
I wonder, is there an extension, which would allow me to use google safe browsing, ...
I guess, Google actually likes me, because they just did. It sucks at the moment, only 2 detections of out ~100 links, but it is version 1, so it is OK. :)
 

Attachments

  • capture_06192019_210139.jpg
    capture_06192019_210139.jpg
    137.2 KB · Views: 371

simmerskool

Level 31
Verified
Top Poster
Well-known
Apr 16, 2017
2,094
anyone used or tested the following
OPSWAT File Security for Chrome is a browser extension designed to enhance the security of browser users by verifying files before being downloaded. The browser extension connects to MetaDefender Cloud API and works as an automated file security tool, keeping users safe from file based infections. The extension is a free tool provided by OPSWAT.
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
My Combo: Edge Dev + Bitdefender TrafficLight:
Bitdefender TraficLight: 12/20
SmartScreen: 12/20
Downloads blocked by Edge Dev: 8/20
So in total 20/20

TrafficLight blocked first and then SmartScreen blocked exactly the same links.

For 8 files I was asked where to save them, but the actual downloads were blocked by Edge Dev as being unsafe.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top