0
A+ A-
 

Firefox Addons For Penetration Testing


Firefox Addons For Penetration Testing----


1>Firebug---

(useful for the debugging tools that can help you tracking rogue javascript code on servers)---




2>User Agent Switcher---

(You can use this extension to change the user agent of your browser)




3>HackBar---

(Useful for SQL injection and XSS attacks)





4>HttpFox---

(Monitor and analyze all the incoming and outgoing HTTP traffic between your browser and the web server.)





5>Live HTTP Headers---

(View the HTTP headers of a website instantly)




6>Tamper Data---

(View and modify HTTP/HTTPS headers and post parameters.)






7>ShowIP---

(Shows the IP of the current page)





8>OSVDB---

(Open Source Vulnerability Database Search)




9>Packet Storm search plugin---

(Search the packet storm database for exploits)





10>Offsec Exploit-db Search---

(Search the Exploit-db archive)






11>Security Focus Vulnerabilities Search Plugin----

(Search for vulnerabilities in the Security Focus)




12>Cookie Watcher---

(Watch the selected cookie in the status bar)




13>Header Spy---

(Shows HTTP Headers on status bar)




14>Groundspeed---

(Manipulate the application user interface)




15>CipherFox---

(Displays the current SSL/TLS cipher and certificate on the status bar)




16>XSS Me---

(Tool for testing reflected XSS vulnerabilities)





17>SQL Inject Me---

(Extension to test SQL Injection vulnerabilities)




18>Wappalyzer---

(Discover technologies and applications that are used on websites)





19>Poster---

(Make HTTP requests,interact with web services and watch the output)





20>Javascript Deobfuscator---

(Show the JavaScript code that are running on web pages)






21>Modify Headers---

(Modify HTTP request headers)




22>FoxyProxy---

(Advanced proxy management tool)




23>FlagFox---

(Displays a country flag for the location of the web server)





24>Greasemonkey---

(Customize the way a webpage behaves by using small bits of JavaScript)





25>Domain Details---

(Displays Server Type, Headers, IP Address, Location Flag, and links to Whois Reports)




26>Websecurify---

(Useful for security assessments in web applications)





27>XSSed Search---

(Search the cross-site scripting database at XSSed.Com)





28>ViewStatePeeker---

(ASP.NET viewstate viewer)




29>CryptoFox---

(CryptoFox is an encryption/decryption tool for cracking MD5 passwords)




30>WorldIP---

(Location of the web server,IP,Datacenter,Ping,Traceroute,RDNS,AS etc)





31>Server Spy---

(Unveils the technology of the web server (Apache, IIS etc.)




32>Default Passwords---

(Search CIRT.net default password database)





33>Snort IDS Rule Search---

(Search for Snort IDS Rules)




34> fireforce--

(brute force attack)

By
Share to:

Post a Comment

Subscribe to: Post Comments (Atom)
 
Top