Browser Extension

Scan Every Site You Visit
In Real Time

The WRAITH browser extension automatically analyzes every website for security vulnerabilities — missing headers, XSS risks, exposed secrets, and more — right in your browser.

Chrome / Edge / Brave

Manifest V3 compatible.
Works on all Chromium browsers.

Download for Chrome

Installation Guide — Chrome / Edge / Brave

  1. Download & unzip — Click the button above. Find the downloaded wraith-extension.zip in your Downloads folder and unzip it. You'll see a wraith-extension folder.
  2. Open the extensions page — Type chrome://extensions in your address bar and press Enter. (For Edge use edge://extensions, for Brave use brave://extensions)
  3. Enable Developer Mode — Toggle the Developer mode switch in the top-right corner of the extensions page.
  4. Load the extension — Click the "Load unpacked" button that appears. Navigate to the wraith-extension folder you unzipped and select it.
  5. Pin it to your toolbar — Click the puzzle piece icon (🧩) in your toolbar, then click the pin icon next to WRAITH Security Scanner.
  6. Start browsing! — Visit any website. The WRAITH icon will show a colored badge with the number of findings. Click it to see your full security report.

Firefox

Full Manifest V3 support.
Load as temporary add-on.

Download for Firefox

Installation Guide — Firefox

  1. Download & unzip — Click the button above. Find wraith-extension.zip in your Downloads folder and unzip it.
  2. Open the debugging page — Type about:debugging#/runtime/this-firefox in your address bar and press Enter.
  3. Load the extension — Click "Load Temporary Add-on…" on the right side. Navigate into the wraith-extension folder and select the manifest.json file.
  4. Confirm it's loaded — You'll see "WRAITH Security Scanner" appear in the extensions list on that page. The WRAITH icon will also appear in your toolbar.
  5. Start browsing! — Visit any website. Click the WRAITH icon in your toolbar to see the security grade and detailed findings for that page.

⚠️ Note: Temporary add-ons are removed when you close Firefox. To make it permanent, the extension needs to be published on addons.mozilla.org.

Safari

Requires macOS + Xcode.
One extra conversion step.

Download for Safari

Installation Guide — Safari (macOS)

  1. Download & unzip — Click the button above. Find wraith-extension.zip in your Downloads folder and unzip it.
  2. Prerequisites — Make sure you have Xcode installed from the Mac App Store (free). Also install Xcode Command Line Tools by running xcode-select --install in Terminal.
  3. Enable the Develop menu — Open Safari → Settings → Advanced → check "Show features for web developers".
  4. Allow unsigned extensions — In the menu bar, click Develop → check "Allow Unsigned Extensions". Enter your Mac password to confirm.
  5. Convert the extension — Open Terminal and run:
    xcrun safari-web-extension-converter /path/to/wraith-extension --project-location ~/Desktop/wraith-safari
    Replace /path/to/ with where you unzipped the file.
  6. Build in Xcode — Xcode will open automatically. Click the ▶ Run button in the top-left. When prompted, allow the extension.
  7. Enable in Safari — Go to Safari → Settings → Extensions → check the box next to WRAITH Security Scanner.
  8. Start browsing! — Visit any website and click the WRAITH icon in Safari's toolbar to see your security report.

16 Security Checks, Instantly

Every page you visit is analyzed in milliseconds. Zero setup required.

Missing Security Headers
HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy
XSS Indicators
Reflected params, eval(), innerHTML, inline handlers
Sensitive Data Exposure
API keys, tokens, private keys in page source
Cookie Security
Secure, HttpOnly, SameSite flag analysis
Mixed Content
HTTP resources on HTTPS pages
Form Security
CSRF tokens, HTTP actions, autocomplete
Clickjacking
Frame-ancestors and X-Frame-Options
CORS Misconfig
Wildcard origins, credential exposure
Open Redirects
Redirect parameters in URLs
CSP Analysis
unsafe-inline, unsafe-eval detection
Third-Party Scripts
External script count and SRI checks
Vulnerable Libraries
Outdated jQuery, AngularJS detection
Browser Storage
Tokens and secrets in localStorage
Server Info Leakage
Server and X-Powered-By headers
HTTPS Enforcement
Plain HTTP detection on public sites
Deprecated Technology
Flash, Java applets, HTML frames

How It Works

1

Install the Extension

Download from GitHub, load as unpacked extension. Takes 30 seconds.

2

Browse Normally

Visit any website. WRAITH automatically scans every page in the background.

3

See Results Instantly

Click the WRAITH icon to see your security grade, findings, and remediation advice.

4

Track History

Review past scans. Your last 50 site scans are stored locally in the browser.

How Credits Work

Start scanning for free — upgrade when you need more

🆓

Free

10 scans

Try WRAITH on the web with 10 free security scans. No account needed.

  • Full 16-point security analysis
  • Real-time vulnerability detection
  • Security grade A+ to F
Most Popular
📬

Newsletter

+20 scans

Subscribe to our newsletter and instantly unlock 20 additional scan credits.

  • Everything in Free
  • 30 total scans
  • First to get updates
👤

Registered

Unlimited

Create a free account to unlock unlimited scans and full access to all features.

  • Unlimited web scans
  • Scan history & export
  • Priority support
🧩 Browser Extension: Get 500 free scans with installation — no account needed. After 500 scans, sign up to continue.
🔒

100% Private — No Data Leaves Your Browser

All scanning runs entirely on your machine. WRAITH never collects, transmits, or stores any browsing data externally. Your security analysis stays yours.

✓ Download started — see install steps below