20 best firefox add-ons for penetration testers and hackers
DESCRIPTION
Here is the list of best Firefox add-ons up-to now. These Firefox extensions are actually very powerful in finding vulnerabilities in webpages,web development,Hacking and what not. I just described a little bit about all of these Firefox add-ons.Now its your turn to explore the functionality of each of these plugins.Open all of these add-ons links in firefox browser.so that, you could directly integrate these plugins into Firefox browser without downloading each of them.TRANSCRIPT
20 Best Firefox Add-
ons for Penetration
Testers and Hackers
Ali Asghar Jafari Lari
1.HACK BAR
This Firefox Extension is very useful for Pen Testers.It is developed by John Adriaans and Pedro Leguna.It extends the address bar of Firefox so helps us by providing enough space for long injection URLs during Penetration Testing.
This Tool helps in finding SQL Injection,XSS holes and also helps in making Site Security.Main Function of this tool is to make Pen Test more Faster and Reliable.
Download: https://addons.mozilla.org/en-US/firefox/addon/hackbar/
2.FIREBUG
It is the web development tool that facilitates debugging,editing and monitoring of any website’s HTML,CSS,DOM,XHR and JavaScript as well as it also uses web development tool.It is Free and open source and come under BSD license.Written by Joe Hewitt.
Download: https://addons.mozilla.org/en-US/firefox/addon/firebug/
3.XSS ME
It is the Exploit-Me tool used for testing Reflected XSS Vulnerabilities.It is the part of Exploit-Me suite of Firefox add-ons for testing web applications.
Download: https://addons.mozilla.org/en-us/firefox/addon/xss-me/
4.SQL INJECTION ME
This Firefox add-on is used for detecting SQL Injection Vulnerabilities.It is also the part of Exploit-ME suite of Firefox add-ons for testing web applications.
Download: https://addons.mozilla.org/en-us/firefox/addon/sql-inject-me/
5.ADD N EDIT COOKIES
This Firefox add-on is the Cookie Editor which allows you to add and edit “Session” and Saved Cookies.
Download: https://addons.mozilla.org/en-us/firefox/addon/add-n-edit-cookies/
6.TAMPER DATA
You can use Tamper Data to view and modify HTTP/HTTPS Headers and POST parameters.It is used by Pen Testers for testing web application security by modifying POST parameters.
Download: https://addons.mozilla.org/En-us/firefox/addon/tamper-data/
7.LIVE HTTP HEADERS
As it name suggests it is used to view and edit real-time HTTP headers and data while browsing a web page.It analyze all the traffic generated by web page.
Download: https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/
8.ACCESS ME
It is now the Exploit-Me Tool Suite.It is used to test some access vulnerabilities related to web applications.
Download: https://addons.mozilla.org/En-us/firefox/addon/access-me/
9.WEBSECURIFY
It is the cross-platform Web Testing Application.Also available as Firefox add-on.
Download: https://addons.mozilla.org/en-us/firefox/addon/websecurify/
10.FLAGFOX
It is the Firefox Extension displays a ‘flag icon’ indicating the current web server’s physical location.Also allow us to perform Tracerouting,Translation,Validation,Geolocationing,URL Shortening,Customlook-ups and much more.
Download: https://addons.mozilla.org/en-US/firefox/addon/flagfox/
11.CRYPTOFOX
It is the Encryption/Decryption Tool with dictionary attack support for cracking MD5 passwords.
Download: https://addons.mozilla.org/en-US/firefox/addon/cryptofox/
12.FIRESHEEP
It is the Firefox Extension that demonstrates Session Hijacking.It uses Packet Sniffers to intercept unencrypted cookies from a website such as Facebook and Twitter.
Download: http://codebutler.github.io/firesheep/
13.OFFSEC EXPLOIT-DB SEARCH
This plugin lets you search on Offsec Exploit Archive also known as Explo.it,is the replacement of Milworm archive.
Download: https://addons.mozilla.org/en-us/firefox/addon/offsec-exploit-db-search/
14.PACKET STORM SEARCH PLUGIN
This plugin lets you search on Packet Storm database.It offers up-to-date security tools,exploitsand much more.
Download: https://addons.mozilla.org/en-us/firefox/addon/packet-storm-search-plugin/
15.SQL INJECTION
It is the another Firefox extension which lets you identify SQL injection vulnerabilities in web pages.
Download: https://addons.mozilla.org/en-US/firefox/addon/sql-injection/?src=collection&collection_id=9f646761-2760-4d57-b0a5-06997613e677
16.HTTPFOX
It is used to analyze HTTP Headers.
Download: https://addons.mozilla.org/en-US/firefox/addon/httpfox/?src=collection&collection_id=9f646761-2760-4d57-b0a5-06997613e677
17.OSVDB
(Open Source Vulnerabilities Database Search) It lets you search on open source vulnerability database.
Download: https://addons.mozilla.org/en-US/firefox/addon/osvdb/?src=collection&collection_id=9f646761-2760-4d57-b0a5-06997613e677
18.WAPPALYZER
This Firefox add-on is capable to identifies software on websites.
Download: https://addons.mozilla.org/en-US/firefox/addon/wappalyzer/?src=collection&collection_id=9f646761-2760-4d57-b0a5-06997613e677
19.COOKIES MANAGER+
It is used to view,edit and create new cookies.It lets you edit multiple cookies at a time.
Download: https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/?src=collection&collection_id=9f646761-2760-4d57-b0a5-06997613e677
20.HACKTHEWEB
It is the collection of several tools and scripts that could really help you while pen testing.
Download: https://addons.mozilla.org/en-US/firefox/addon/hack-the-web/
ABOUT ME
Ali Asghar Jafari Lari
Author, Lecturer and Security Adviser
Manager of Parsing cyber research and network security team