Effective Date: 10/05/2025

Silent Recon is a browser extension designed for cybersecurity professionals to detect common web security misconfigurations during regular browsing sessions.

Data Collection

Silent Recon does not collect, store, or transmit any personal, identifiable, or sensitive user data. All detection and analysis are performed locally within your browser, and no information is sent to external servers.

Permissions Justification

The extension requests access to:

• All URLs – Required to inspect headers from any site the user visits, enabling detection of misconfigurations.
• Web request headers – Used to passively identify potential security issues such as:
  • Wildcard or misconfigured CORS policies
  • Missing or weak HTTP security headers (e.g., CSP, HSTS)
  • Exposed API endpoints
• Storage – Used to locally save detected findings on the user’s device so results persist across browsing sessions.

Silent Recon does not track, share, or transmit any of this data.

Security & User Control

• The extension runs in passive mode by default and must be manually enabled by the user.
• Users have full control: findings can be cleared at any time, and scanning can be toggled on/off.
• No background activity occurs when the extension is disabled.

Future Updates

If future premium features introduce any form of data collection or external API interaction, a revised privacy policy and user consent will be required and clearly communicated.

Contact

For any questions, feedback, or concerns, please contact: popeanga78@gmail.com