The Polykill Chrome Extension provides an easy way to run a risk report without installing anything onto your website directly. It injects the Polykill.js JavaScript library and produces a report immediately.

This is a great way to get a basic understanding of JavaScript risk, but does not provide the same coverage as Polykill.js. Malicious JavaScript can evade detection in certain scenarios and one-off tests should not be solely relied on for full understanding.

The Polykill Chrome Extension inventories and analyzes:

• All static and dynamic scripts running on the page
• XHR and beacon calls made to 3rd parties
• Sensitive data harvesting capabilities
• Breach history of script domain owner
• Domain name transfer activity
• and much more

Install the extension and view report

• Risk analysis on full JavaScript domain, path and parameters
• Risk analysis of 3rd party payload, breach history and more