Developing Apps For Mozilla's Firefox OS

Non-profit organisation Mozilla recently came up with the Firefox OS, named after its popular internet browser Firefox. The OS has been developed to run on smartphones and tablets and is currently running on the ZTE Open and GeeksPhone Peak+ smartphones. In addition, the OS is also expected to be running on Smart televisions soon. The OS competes with Google’s Android, Apple’s iOS, Microsoft’s Windows Phone and other mobile operating systems like Jolla’s Sailfish OS. It is based entirely on open standards and uses HTML5, JavaScript etc. There are certain resources that you will need in order to develop apps for the Firefox OS. Here are eight that may be of help to you.

- Firefox OS simulator: Use this to test your apps on the OS.

- Boilerplate app: Use this to check the usage of the WebAPI.

- IndexDB: This is how you can store data in the user’s browser.

- App Manifest: This teaches you how to create a manifest file that lets your apps talk to the web browser.

- App Manager: Get in depth control of the debugging and deployment of HTML5 apps.

- You need to make cross domain requests by making the app Privileged (or Certified).

- Firefox OS Style Guide: This is the style guide for the Firefox OS that you can use for colours etc.

- Firefox OS design principles: This is a description of the design philosophy used in the OS.

Author Shivam Kotwalia, CodeKill

12 Penetration Testing Add-Ons For Firefox

Now you can use your Firefox browser as a penetration testing tool with the help of these amazing add ons! Have a look 

Firefox is not popular only for its open source nature but it can also be turned into a very effective penetration testing tool. Mozilla has its own section for add-ons and all of the following are available. Here they are...

1. FoxyProxy Standard: This advance proxy management add-on for the Firefox internet browser supplements the built-in proxy capabilities of Firefox. The add-on switches the user’s internet connection over one or more proxy servers based on the URL patterns and has many other features as well.

2. Firebug: This tool allows the user to debug and edit JavaScript, HTML and CSS live on a webpage and see the changes take effect. The add-on is useful for analysing JavaScript files for XSS vulnerabilities.

3. Web Developer: This add-on helps in penetration testing by adding various web development tools to Firefox.

4. User Agent Switcher: This add-on is useful if you want to spoof your browser while attacking a network. It places a tool bar on the browser that lets you switch between user agent and browser seamlessly.

5. Live HTTP Headers: The add-on displays live headers for each of the HTTP requests and responses on Firefox. It also allows the user to save header information by a click of a button. It is a really helpful tool for penetration testers.

6. Tamper Data: This add-on is quite similar to the one above, but it brings the added header editing capacity to Firefox. The user can view and then modify HTTP and HTTPS headers and post parameters. You can use it for penetration testing for web applications by modifying the POST parameters. It can also be used to make XSS and SQL Injection attacks.

7. Hackbar: This penetration testing tool for Firefox helps the user in testing simple SQL injection and XSS loopholes through Firefox. In addition, the add-on also has encoding and encryption tools, which can help in testing XSS vulnerability using encoded XSS payloads.

8. Websecurify: This add-on can detect most of the common vulnerabilities in any web applications. It is a complete penetration testing tool that can be added to the Firefox brower.

9. Add N Edit Cookies: As the name suggests, this Firefox browser lets the user add or edit the cookies data for the browser. It is quite useful for penetration testing, especially when trying to perform session hijacks.

10. XSS Me: This add-on helps in detecting XSS vulnerabilities in web applications. It scans all the different forms of a web page and then attacks the pages that qualify with a predefined XSS payload.

11. SQL Inject Me: This one helps in finding SQL injection vulnerabilities in web applications. It displays the vulnerabilities in a web application without exploiting them.

12. FlagFox: This browser adds a country’s flag on Firefox and determines where a web server is located. The add-on also has a web server. 

Author : Shivam Kotwalia, CodeKill

7 Great Mozilla Add-Ons For Hackers

Ethical hacking could be great fun if you know about these add-ons. Try them out and let us know your feedback... 

The creation of penetration testing labs in Kali Linux or Backtrack, has been a popular topic for a long time, but the fact remains that all challenges, practice, and hacking need tools. One of the better known tools is the Addons which comes in many types and forms. We thought it would be fun to bring to you a list of important add-ons for hackers and pentesters. Here are the top 7 that we shortlisted:

1. Tamper Data: This is one of the most used Addons for Pentesters, who traditionally make use of it for viewing and modifying HTTP/HTTPS headers and post parameters, trace and time HTTP response or requests, security test web applications by modifying POST parameters and a lot more. The add-on can be downloaded here.

2. Hack Bar: Another well known and very often used tool, it is mostly used for security audit , and comes strongly recommended for installation and XSS, SQL Encoding/Decoding - MD5, SH1, Base64, Hexing, Splitting etc. The add-on can be downloaded here.

3. Live HTTP Headers: Similar to the Tamper Data add-on, the one big difference this add-on has is that it allows for viewing HTTP headers of a page while browsing. The add-on can be downloaded here.

4. User Agent Switcher: This particular add-on works wonders in adding a menu and a toolbar button to switch the user agent of a browser. This is, in turn, helpful in the changing of a User Agent to IE, Search Robots, I-Phone (I-OS). Besides this, the user can also use this add-on in the creation of his or her own User Agent. The add-on can be downloaded here.

5. Cookie Manager+: This is a great add-on for viewing, editing, creating and injecting cookies. The best thing about the add-on is the fact that it displays extra information about cookies, allows edit multiple cookies at once & backup/restore.

6. HTTP Fox: This add-on works for those looking to monitor and analysing all incoming and outgoing HTTP traffic between the browser and the web servers. The aim of the add-on is to bring the functionality known from tools like Http Watch or IE Inspector to the Firefox browser. The add-on can be downloaded here.

7. Passive Recon: This add-on gives its users the capability of performing "packetless" discovery of target resources utilizing publicly available information. The add-on can be downloaded here. 

Author : Shivam Kotwalia, CodeKill

5 Useful And Lesser Known Firefox Secrets!

Firefox has a massive worldwide user base, second only to Google Chrome.

Mozilla's Firefox internet browser is quite popular amongst open source lovers. The browser is fast, easy-to-use and provides tons of useful features. Interestingly though, while many use this free browser on a regular basis, few of us know how easy Firefox can actually become. These are five lesser known features that people seem to miss usually.

1. Smart Keywords: When you go to a website with a search bar, you can simply right click on the bar and click ‘Add Keywords for this search’. This lets you create a smart keyword. Doing this, you can run searches on any website from the browser’s address bar directly.

2. Multiple homepages: Yes, you don’t have to have just one homepage. You can easily open multiple home pages. Open the Options tab in Firefox and click General. Locate the ‘Homepage’ bar and instead of putting a single website there, use the pipe operator (|) to separate the websites that you want. So, put down — www.google.com| www.facebook.com| www.efytimes.com. All three sites will open whenever you open Firefox.

3. Bookmarking RSS feeds: There are many websites that you may be checking frequently. For this, you can use a nifty feature from Firefox. All you have to do is right click on the Firefox toolbar, click on Customise and then drag and drop the RSS logo into the toolbar. Then you open the website that you regularly open and click on the RSS logo to add the RSS Feed bookmark. It will keep updating itself.

4. Take Firefox with you: You can install Firefox onto an USB drive and take it wherever you go. This ensures that you don’t have to change the settings whenever you use Firefox on a different computer. Here’s how.

5. Keyboard shortcuts: Firefox has an array of keyboard shortcuts that allow you to browse the internet much faster. The open source browser allows users to easily toggle between tabs, re-open closed tables and start private browsing. In addition, Firefox also has mouse gestures, although they aren’t quite near the elegance presented by Apple’s Mac OS X. You can find the shortcuts and gestures here and here respectively.