Couple of days ago RSnake presented really nice POC on how to detect Firefox extensions using JavaScript and Image tags. This definitely goes into AttackAPI as soon as I finish working on my other projects. Meanwhile here is a simple (well maybe not that simple) bash script that goes through the newest, updated and popular Firefox extension feeds, and construct appropriate signatures in comma separated format.

The script can be downloaded from here.

It is also worth mentioning that similar technique can be used to enumerate currently installed applications by using the IE specific res:// protocol.