Firefox Addons For Penetration Testing
Firefox Addons For Penetration Testing----
1>Firebug---
(useful for the debugging tools that can help you tracking rogue javascript code on servers)---
2>User Agent Switcher---
(You can use this extension to change the user agent of your browser)
3>HackBar---
(Useful for SQL injection and XSS attacks)
4>HttpFox---
(Monitor and analyze all the incoming and outgoing HTTP traffic between your browser and the web server.)
5>Live HTTP Headers---
(View the HTTP headers of a website instantly)
6>Tamper Data---
(View and modify HTTP/HTTPS headers and post parameters.)
7>ShowIP---
(Shows the IP of the current page)
8>OSVDB---
(Open Source Vulnerability Database Search)
9>Packet Storm search plugin---
(Search the packet storm database for exploits)
10>Offsec Exploit-db Search---
(Search the Exploit-db archive)
11>Security Focus Vulnerabilities Search Plugin----
(Search for vulnerabilities in the Security Focus)
12>Cookie Watcher---
(Watch the selected cookie in the status bar)
13>Header Spy---
(Shows HTTP Headers on status bar)
14>Groundspeed---
(Manipulate the application user interface)
15>CipherFox---
(Displays the current SSL/TLS cipher and certificate on the status bar)
16>XSS Me---
(Tool for testing reflected XSS vulnerabilities)
17>SQL Inject Me---
(Extension to test SQL Injection vulnerabilities)
18>Wappalyzer---
(Discover technologies and applications that are used on websites)
19>Poster---
(Make HTTP requests,interact with web services and watch the output)
20>Javascript Deobfuscator---
(Show the JavaScript code that are running on web pages)
21>Modify Headers---
(Modify HTTP request headers)
22>FoxyProxy---
(Advanced proxy management tool)
23>FlagFox---
(Displays a country flag for the location of the web server)
24>Greasemonkey---
(Customize the way a webpage behaves by using small bits of JavaScript)
25>Domain Details---
(Displays Server Type, Headers, IP Address, Location Flag, and links to Whois Reports)
26>Websecurify---
(Useful for security assessments in web applications)
27>XSSed Search---
(Search the cross-site scripting database at XSSed.Com)
28>ViewStatePeeker---
(ASP.NET viewstate viewer)
29>CryptoFox---
(CryptoFox is an encryption/decryption tool for cracking MD5 passwords)
30>WorldIP---
(Location of the web server,IP,Datacenter,Ping,Traceroute,RDNS,AS etc)
31>Server Spy---
(Unveils the technology of the web server (Apache, IIS etc.)
32>Default Passwords---
(Search CIRT.net default password database)
33>Snort IDS Rule Search---
(Search for Snort IDS Rules)
34> fireforce--
(brute force attack)
WARNING:THIS IS FOR EDUCATIONAL PURPOSES ONLY...............I DO NOT STAND RESPONSIBLE FOR ANY HARM THAT OCCURS TO YOUR COMPUTER
ConversionConversion EmoticonEmoticon