[justify]Sometimes we see new challengers asking for help using Micro$oft Edge or other uncanny software to complete some basic challenges… Here I suggest using Firefox to make completing challenges easier. Why Firefox in particular? First because it’s free, it’s open-source, it’s a good and fast browser, but above all because it’s highly customizable depending on your needs. Its add-on section on the Mozilla website offers thousands of extensions in many different categories, such as web development, penetration testing and security analysis. Using Firefox this way makes the job easier when you’re trying to find security holes or exploit some webserver flaws, and helps you save time by using only one tool for many different tasks related to security tests. If you plan to become a white or gray hat, then this browser is your friend. It’s one of the most important browsers for testers working in the web application domain. If you don’t have it installed yet, you can download Firefox here: https://www.mozilla.org/.
Below is a little list of interesting extensions that you could find useful to perform penetration tests and complete some hacking challenges all over the web. This list of add-ons varies from information gathering tools to attacking tools (don’t pay attention to the list order). Use only the ones you need, many of them offering similar functionalities. They’re all free and downloadable from the official Mozilla website:
FoxyProxy Standard
FoxyProxy is an advanced proxy management tool that completely replaces Firefox’s limited proxying capabilities. Based on URL patterns, it switches the internet connection across one or more proxy servers. When a proxy is in use, it also displays an animated icon.
https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/
Firebug
With these development tools you can edit, debug and monitor HTML, CSS and JavaScript live in any web page… Very useful for hacking purposes.
https://addons.mozilla.org/en-US/firefox/addon/firebug/
Web Developer
Web Developer adds various web development tools to the browser. It helps in web application penetration testing.
https://addons.mozilla.org/en-US/firefox/addon/web-developer/
DOM Inspector
DOM Inspector is a tool that can be used to inspect and edit the live DOM of any web document or XUL application. The DOM can be navigated using a two-paned window displaying a variety of different views on the document and all nodes within.
https://addons.mozilla.org/en-US/firefox/addon/dom-inspector-6622/
View Source Chart
Enables accelerated human processing of DOM
https://addons.mozilla.org/en-US/firefox/addon/view-source-chart/
JavaScript Deobfuscator
This add-on shows you what JavaScript code runs on a web page, even if it is obfuscated and generated on the fly. Simply open JavaScript Deobfuscator from the Web Developer menu and watch the scripts being compiled/executed.
https://addons.mozilla.org/en-US/firefox/addon/javascript-deobfuscator/
View Dependencies
View Dependencies adds a tab to the Page Info window, in which it lists all the files which were loaded to show the current page.
https://addons.mozilla.org/en-US/firefox/addon/view-dependencies/
Wappalyzer
Wappalyzer is an add-on that identifies the software used by a website.
https://addons.mozilla.org/en-US/firefox/addon/wappalyzer/
IE Tab V2
The updated, fully supported IE Tab. Embed IE in a Firefox tab. IE Tab features: FF 4+ support, IE 7-9 compatibility modes, old IE Tab settings import. Enables you to use the embedded IE engine within Mozilla Firefox.
https://addons.mozilla.org/en-US/firefox/addon/ie-tab-2-ff-36/
NoScript
With this tool, you can monitor each and every script running on a website; you can block any of the scripts and see what each script actually does.
https://addons.mozilla.org/en-us/firefox/addon/noscript/
QuickJava
Allows quick enable and disable of Java, Javascript, Cookies, Image Animations, Flash, Silverlight, Images, Stylesheets and Proxy from the Toolbar. This is great for increasing security or decreasing bandwidth.
https://addons.mozilla.org/en-US/firefox/addon/quickjava/
Greasemonkey
Greasemonkey is the counterpart to NoScript: its function is the exact opposite. We use NoScript to block scripts and Greasemonkey to run them. It allows you to customize the way a web page displays or behaves by using small bits of JavaScript.
https://addons.mozilla.org/en-US/firefox/addon/greasemonkey/
Greasefire
Automatically find user scripts on Userscripts.org (requires Greasemonkey or Scriptish)
https://addons.mozilla.org/en-US/firefox/addon/greasefire/
Live HTTP Headers
View the HTTP headers of a page while browsing. It displays the live headers of each HTTP request and response. An essential add-on for the security testing process.
https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/
Tamper Data
Similar to the Live HTTP Headers add-on, but with header editing capabilities. Use Tamper Data to view and modify HTTP/HTTPS headers and POST parameters. It can be used in performing XSS and SQL injection attacks by modifying header data.
https://addons.mozilla.org/en-US/firefox/addon/tamper-data/
Modify Headers
Add, modify and filter the HTTP request headers sent to web servers. This addon is particularly useful for Mobile web development, HTTP testing and privacy.
https://addons.mozilla.org/en-US/firefox/addon/modify-headers/
Header Spy
Shows HTTP headers on statusbar.
https://addons.mozilla.org/en-US/firefox/addon/header-spy/
User Agent Switcher
The User Agent Switcher extension adds a menu and a toolbar button to switch the user agent of a browser. The add-on helps in spoofing the browser while performing some attacks.
https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/
Poster
A developer tool for interacting with URLs and other web resources that lets you make HTTP requests, set the entity body, and content type. This allows you to interact with web services and inspect the results…
https://addons.mozilla.org/en-US/firefox/addon/poster/
Cookies Manager+
A cookie manager to view, edit and create new cookies. It also shows extra information about cookies, allows editing multiple cookies at once, and can back them up and restore them. With this tool, you can easily add session data manually in cookies. This tool is used in session hijacking attacks when you have the active cookies of the user. Edit your cookies to add the data and hijack the account.
https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/
Cookie Monster
Cookie Monster provides proactive cookie management on a site or domain level basis, including 3rd party cookies. Via the Toolbar, it provides easy access to enhanced cookie functionality, while doing so in a non-intrusive manner.
https://addons.mozilla.org/en-US/firefox/addon/cookie-monster/
Export Cookies
Exports all cookies in IE manner. Makes a Netscape standard cookies.txt file. Very useful for the wget --load-cookies option.
https://addons.mozilla.org/en-US/firefox/addon/export-cookies/
Websecurify
Websecurify is a complete and powerful cross-platform web security testing technology designed from the ground up with simplicity in mind. This tool can easily detect XSS, SQL injection and other web application vulnerabilities. It gives most of the features available in a standalone tool.
https://addons.mozilla.org/en-us/firefox/addon/websecurify/
HackBar
Simple security audit / penetration test tool. It helps in testing simple SQL injection and XSS holes. You cannot execute standard exploits but you can easily use it to test whether a vulnerability exists or not. You can manually submit form data with GET or POST requests. It also has encryption and encoding tools that help in testing XSS vulnerabilities with encoded XSS payloads, and then perform the attack. It also helps you to easily bypass client-side validations of the page.
https://addons.mozilla.org/en-US/firefox/addon/hackbar/
Fireforce
Brute-force attacks on GET or POST forms
https://addons.mozilla.org/en-US/firefox/addon/fireforce/
XSS Me
Cross-Site Scripting (XSS) is a common flaw found in today’s web applications. XSS-Me is the Exploit-Me tool used to test for reflected XSS vulnerabilities. It scans all forms of the page, and then performs an attack on the selected pages with pre-defined XSS payloads. After the scan is complete, it lists all the pages that render a payload on the page and may be vulnerable to an XSS attack.
https://addons.mozilla.org/en-us/firefox/addon/xss-me/
SQL Inject Me
SQL injection vulnerabilities can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to the server. SQL Inject-Me is a Firefox extension used to test for SQL injection vulnerabilities.
https://addons.mozilla.org/en-us/firefox/addon/sql-inject-me/
Access Me
Access vulnerabilities in an application can allow an attacker to access resources without being authenticated. Access-Me is a Firefox extension used to test for Access vulnerabilities.
https://addons.mozilla.org/en-US/firefox/addon/access-me/
Clear Cache Button
Adds a clear cache toolbar button. After installing the extension, find the clear cache button in the toolbar customization… Quick and easy to use!
https://addons.mozilla.org/en-US/firefox/addon/clear-cache-button/
ReloadEvery
Reloads web pages every so many seconds or minutes. The function is accessible via the context menu (menu you get when you right click on a web page) or via tab context menu (right click on the tab).
https://addons.mozilla.org/en-US/firefox/addon/reloadevery/
ShowIP
Shows the IP address(es) of the current page in the status bar. ShowIP delivers website, city, country and other information for SEO, security and fun :) It also allows querying custom services by IP (right mouse button) and hostname (left mouse button), like whois and netcraft.
https://addons.mozilla.org/en-US/firefox/addon/showip/
Flagfox
Displays a country flag depicting the location of the current website’s server and provides a multitude of tools such as site safety checks, whois, translation, similar sites, validation, URL shortening, and more…
https://addons.mozilla.org/en-us/firefox/addon/flagfox/
Port Scanner
This extension scans the TCP ports.
https://addons.mozilla.org/en-US/firefox/addon/port-scanner/
Hosts Spy
On a shared hosting, find other sites hosted on the web server.
https://addons.mozilla.org/en-US/firefox/addon/host-spy/
Domain Details
Displays server type, headers, country flag and links to whois reports.
https://addons.mozilla.org/en-US/firefox/addon/domain-details/
DT Whois
Domaintools.com whois button…
https://addons.mozilla.org/en-US/firefox/addon/dt-whois/
CipherFox
Displays the current SSL/TLS cipher, protocol and certificate chain in the Add-on bar and Site ID dialog
https://addons.mozilla.org/en-US/firefox/addon/cipherfox/
Calomel SSL Validation
The addon will score the strength of the SSL connection. The toolbar button will change color depending on the strength of encryption from red (weak) to green (strong). The drop down window shows a detailed summary of the SSL connection.
https://addons.mozilla.org/en-US/firefox/addon/calomel-ssl-validation/
Cert Viewer Plus
Certificate viewer enhancements: PEM format view, file export, trust configuration
https://addons.mozilla.org/en-US/firefox/addon/cert-viewer-plus/
Export All Certificates
Adds an option to the Certificate Manager to export all root certificates.
https://addons.mozilla.org/en-US/firefox/addon/export-all-certificates/
ViewStatePeeker
This add-on can decode and show the viewstate contents of an *.aspx page. Once you install this add-on, it adds a ‘Show Viewstate’ item to the Firefox context menu. When this menu item is clicked, a popup comes up showing the viewstate details.
https://addons.mozilla.org/en-US/firefox/addon/viewstatepeeker/
PassiveRecon
PassiveRecon provides information security professionals with the ability to perform “packetless” discovery of target resources utilizing publicly available information. Simply visit the target entity’s website (using Tor), right mouse-click and navigate to the PassiveRecon menu, or use the status bar menu. From there you can open individual public domain websites or click Show All to view all of the sites at once.
https://addons.mozilla.org/en-US/firefox/addon/passiverecon/
CryptoFox
CryptoFox is an encryption and decryption tool for Mozilla Firefox. It supports most of the available encryption algorithms, so you can easily encrypt or decrypt data with a supported algorithm. This add-on comes with dictionary attack support to crack MD5 passwords. Although it doesn’t have good reviews, it works satisfactorily.
https://addons.mozilla.org/en-US/firefox/addon/cryptofox/
SecurityFocus Vulnerabilities search plugin
SecurityFocus Vulnerabilities search plugin is not a security tool but a search plugin that lets users search for vulnerabilities from the Security Focus database.
https://addons.mozilla.org/en-us/firefox/addon/securityfocus-vulnerabilities-/
Packet Storm search plugin
This is another search plugin that lets users search for tools and exploits from packetstormsecurity.org. The website offers free up-to-date security tools, exploits and advisories.
https://addons.mozilla.org/en-us/firefox/addon/packet-storm-search-plugin/
Offsec Exploit-db Search
This is another plugin similar to the last two above. It also lets users search for vulnerabilities and exploits listed in exploit-db.com. This website is always up-to-date with latest exploits and vulnerability details.
https://addons.mozilla.org/en-us/firefox/addon/offsec-exploit-db-search/
Snort IDS Rule Search
Snort IDS Rule Search is another search add-on for Firefox. It lets users search for Snort IDS rules on the snort.org website. Snort is the most widely deployed IDS/IPS technology worldwide. It’s an open source network Intrusion prevention and detection system with more than 400,000 users.
https://addons.mozilla.org/en-US/firefox/addon/snort-ids-rule-search/
Firefox is not only a nice browser, but also a friend of penetration testers and security researchers. These browser extensions are useful for most of the tasks related to penetration testing work, and reduce the use of separate tools.
Some of these tools help in debugging and/or gathering information about a website and its servers. A few other tools help in intercepting and modifying header information, to perform attacks via headers.
In case you are trying to perform session hijacking, you can use an add-on to edit the cookies with the cookie data stolen from a user’s browser.
SQL Inject Me, XSS Me and Websecurify are semi-automated tools to scan the page and find the vulnerabilities that may be on the website. These 3 tools are dedicated security tools with a good success rate.
HackBar is the best tool when you want to test a form against POST XSS. HackBar helps you to manually submit a form to send POST data. If the app has client-side validation in the form, and has a few limits on length and input, you can use HackBar to submit form data manually and see the effect. It also has encoding tools to encode your XSS payloads without using any separate tool. Most of the people involved in the security testing field use this tool.
A few tools are just search add-ons that can help you to search exploits and advisories from popular databases. You can use these add-ons to find the appropriate exploit to perform an attack on the web application, to check whether the app is affected by this known exploit or not.
I am sure you will like a few of these add-ons and will use them in your security testing process. Personally I usually use AdBlock Plus, Ghostery, WebDeveloper, Firebug, Flagfox, NoScript, GreaseMonkey, Modify Headers, Cookies Manager+, HackBar, XSS me, SQL Inject Me and User Agent Switcher.[/justify]
[right]And you, which one do you use?[/right]