Saturday, 16 November 2013

Plugin pentest Firefox

Firefox Addons For Penetration Testing

1>Firebug
(useful for the debugging tools that can help you tracking rogue javascript code on servers)

2>User Agent Switcher
(You can use this extension to change the user agent of your browser)

3>HackBar
(Useful for SQL injection and XSS attacks)

4>HttpFox
(Monitor and analyze all the incoming and outgoing HTTP traffic between your browser and the web server.)

5>Live HTTP Headers
(View the HTTP headers of a website instantly)

6>Tamper Data
(View and modify HTTP/HTTPS headers and post parameters.)

7>ShowIP
(Shows the IP of the current page)

8>OSVDB
(Open Source Vulnerability Database Search)

9>Packet Storm search plugin
(Search the packet storm database for exploits)

10>Offsec Exploit-db Search
(Search the Exploit-db archive)

11>Security Focus Vulnerabilities Search Plugin
(Search for vulnerabilities in the Security Focus)

12>Cookie Watcher
(Watch the selected cookie in the status bar)

13>Header Spy
(Shows HTTP Headers on status bar)

14>Groundspeed
(Manipulate the application user interface)

15>CipherFox
(Displays the current SSL/TLS cipher and certificate on the status bar)

16>XSS Me
(Tool for testing reflected XSS vulnerabilities)

17>SQL Inject Me
(Extension to test SQL Injection vulnerabilities)

18>Wappalyzer
(Discover technologies and applications that are used on websites)

19>Poster
(Make HTTP requests,interact with web services and watch the output)

20>Javascript Deobfuscator
(Show the JavaScript code that are running on web pages)

21>Modify Headers
(Modify HTTP request headers)

22>FoxyProxy
(Advanced proxy management tool)

23>FlagFox
(Displays a country flag for the location of the web server)

24>Greasemonkey
(Customize the way a webpage behaves by using small bits of JavaScript)

25>Domain Details
(Displays Server Type, Headers, IP Address, Location Flag, and links to Whois Reports)

26>Websecurify
(Useful for security assessments in web applications)

27>XSSed Search
(Search the cross-site scripting database at XSSed.Com)

28>ViewStatePeeker
(ASP.NET viewstate viewer)

29>CryptoFox
(CryptoFox is an encryption/decryption tool for cracking MD5 passwords)

30>WorldIP
(Location of the web server,IP,Datacenter,Ping,Traceroute,RDNS,AS etc)

31>Server Spy
(Unveils the technology of the web server (Apache, IIS etc.)

32>Default Passwords
(Search CIRT.net default password database)

33>Snort IDS Rule Search
(Search for Snort IDS Rules)

No comments:

Post a Comment