Now you can use your Firefox browser as a penetration testing tool with the help of these amazing add ons! Have a look | Firefox is not popular only for its open source nature but it can also be turned into a very effective penetration testing tool. Mozilla has its own section for add-ons and all of the following are available. Here they are... |
2. Firebug: This tool allows the user to debug and edit JavaScript, HTML and CSS live on a webpage and see the changes take effect. The add-on is useful for analysing JavaScript files for XSS vulnerabilities.
3. Web Developer: This add-on helps in penetration testing by adding various web development tools to Firefox.
4. User Agent Switcher: This add-on is useful if you want to spoof your browser while attacking a network. It places a tool bar on the browser that lets you switch between user agent and browser seamlessly.
5. Live HTTP Headers: The add-on displays live headers for each of the HTTP requests and responses on Firefox. It also allows the user to save header information by a click of a button. It is a really helpful tool for penetration testers.
6. Tamper Data: This add-on is quite similar to the one above, but it brings the added header editing capacity to Firefox. The user can view and then modify HTTP and HTTPS headers and post parameters. You can use it for penetration testing for web applications by modifying the POST parameters. It can also be used to make XSS and SQL Injection attacks.
7. Hackbar: This penetration testing tool for Firefox helps the user in testing simple SQL injection and XSS loopholes through Firefox. In addition, the add-on also has encoding and encryption tools, which can help in testing XSS vulnerability using encoded XSS payloads.
8. Websecurify: This add-on can detect most of the common vulnerabilities in any web applications. It is a complete penetration testing tool that can be added to the Firefox brower.
9. Add N Edit Cookies: As the name suggests, this Firefox browser lets the user add or edit the cookies data for the browser. It is quite useful for penetration testing, especially when trying to perform session hijacks.
10. XSS Me: This add-on helps in detecting XSS vulnerabilities in web applications. It scans all the different forms of a web page and then attacks the pages that qualify with a predefined XSS payload.
11. SQL Inject Me: This one helps in finding SQL injection vulnerabilities in web applications. It displays the vulnerabilities in a web application without exploiting them.
12. FlagFox: This browser adds a country’s flag on Firefox and determines where a web server is located. The add-on also has a web server.
Author : Shivam Kotwalia, CodeKill
No comments:
Post a Comment