HennyClever - Location Spoofer
Version 1.0.0 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension has extremely limited adoption with only 6 users and a below-average rating of 3.2, indicating poor user satisfaction. The developer domain "hennywill.com" lacks established reputation in the extension ecosystem. The extension appears to be newly released with version 1.0.0, providing no track record of reliable updates or security practices.
The extension's purpose as a "location spoofer" inherently involves deceptive practices that could violate terms of service for various websites and services. The tabs permission is excessive for location spoofing functionality and enables monitoring of all browser activity. The broad host permissions combined with scripting capabilities create potential for data harvesting beyond the stated purpose. The focus on Google.com access suggests targeting of a highly sensitive platform where users handle personal information, emails, and financial data.
Given the high risk profile, install this extension only in a completely separate Chrome profile isolated from your main browsing activities. Never use this profile for accessing sensitive accounts, banking, or personal information. Consider whether location spoofing is necessary for your use case, as legitimate VPN services provide similar functionality with better security practices. Monitor the extension's behavior closely and remove immediately if you notice unexpected network activity or performance issues. Alternative established location spoofing tools from reputable developers would be safer choices.
Findings
Security Analysis Details
Required Permissions:
- storage
- scripting
- tabs
Host Permissions:
- https://www.google.com/*
Embedded URLs (15 total):
| https://www.google.com/ | https://figma.com | |
| https://canva.com | https://realfavicongenerator.net/ | |
| https://favicon.io/ | https://www.gimp.org/ | |
| https://www.photopea.com/ | https://favicon.io/favicon-checker/ | |
| https://fonts.google.com/icons | https://fontawesome.com/icons | |
| https://www.flaticon.com/ | https://svgtopng.com/ | |
| https://clients2.google.com/service/update2/crx | https://buymeacoffee.com/hennywill | |
| https://github.com/hennywill |
Raw Manifest
{ "name": "HennyClever - Location Spoofer", "icons": { "128": "icon.png" }, "action": { "default_icon": "icon.png", "default_popup": "popup.html" }, "author": "HennyWill", "version": "1.0.0", "background": { "type": "module", "service_worker": "background.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "Spoof your geolocation to any world capital. Test location-based features, access region-specific content, and protect your privacy.", "permissions": [ "storage", "scripting", "tabs" ], "content_scripts": [ { "js": [ "content-script.js" ], "run_at": "document_start", "matches": [ "https://www.google.com/*" ], "all_frames": false } ], "host_permissions": [ "https://www.google.com/*" ], "manifest_version": 3, "web_accessible_resources": [ { "matches": [ "https://www.google.com/*" ], "resources": [ "inject.js" ] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.