[推荐]Penetration Testing Add-ons for Firefox
发表于: 2010-9-24 22:19 2339

[推荐]Penetration Testing Add-ons for Firefox

2010-9-24 22:19
In this post, I just wanted to enumerate a few Firefox add-ons that I thought were very useful in conducting penetration tests. I’d be really interested to hear what Firefox extensions other people are using for pen testing. So here it goes!

AddnEdit Cookies: This add-on allows you to easily add, delete and edit cookies in your browser.  (http://addneditcookies.mozdev.org/) Unfortunately, the latest version does not support the newer Firefox 3, until the maintainer updates the package, I’ve edited the latest XPI to work with the latest versions of Firefox. A copy of it can be found here.

DT Whois – Allows quick domaintools.com lookups for the page you are looking at (http://www.beysim.net/dtwhois/)

Firebug – Allows you to read, debug and locally tweak HTML, Javascript and CSS right in Firefox (http://getfirebug.com/)

HackBar – The toolbar that tries to do it all! (http://devels-playground.blogspot.com/)

Leet Key – an add on that makes it trivial to convert text in various formats back and forth.  For example, URL Encode, Base64, Hex and even morse code. |\|347! (http://leetkey.mozdev.org/)

Live HTTP Headers – Allows you to watch, edit and replay HTTP requests (http://livehttpheaders.mozdev.org/)

SQL Inject Me, XSS Me, Access Me - Those are 3 separate add-ons from Seccom Labs that try to make it easy to test Sql Injection, XSS vulnerabilities and Access vulnerabilities. (http://labs.securitycompass.com/index.php/exploit-me/)

SwitchProxy Tool – If you find yourself switching from no proxy, to burp proxy to paros proxy, etc a lot then you will enjoy switch proxy. It will allow you to switch proxy settings with just a few clicks! (http://mozmonkey.com/switchproxy/)

Tamper Data – It will allow you to selectively intercept HTTP and HTTPS traffic and tamper with the requests via it’s nice user interface. It will let you tamper with http headers, post and get requests. (http://tamperdata.mozdev.org/)

Torbutton – If you need to hide behind Tor, it can be only a click away with Torbutton (https://www.torproject.org/torbutton/)

User Agent Switcher - Need to change your user-agent string in a jiffy? Want to look like a robot? User Agent Switcher is here for that! (http://chrispederick.com/work/user-agent-switcher/)

exploit-db Search – Lets you search the exploit-db database right in the firefox search box (https://addons.mozilla.org/en-US/firefox/addon/50241)

SecurityWire Search – Lets you search the top security sites on the web right in the Firefox search box. All sites in the index have been handpicked by the SecurityWire Team. (https://addons.mozilla.org/en-US/firefox/addon/58686)

For a listing and easy installation of all these  on the mozilla ad-ons site. simply follow this link: https://addons.mozilla.org/en-US/firefox/collection/pentesterstools

Hope you enjoy the add-ons, next post will be about general security add-ons for Firefox.

[课程]FART 脱壳王!加量不加价!FART作者讲授!

免费 0
最新回复 (1)
雪    币: 93908
活跃值: (200199)
能力值: (RANK:10 )
Thanks for share.

Программное обеспечение выпуска и Windows Crack Обучение
Нам-Dabei Guanyin Бодхисаттва Нам без митабха
2010-9-24 22:36
登录 | 注册 方可回帖