Firefox penetration test Hack plugin set

The day before yesterday to see the elder brother with Firefox hackbar manual injection infiltration, feel that the direct use of browser plug-in penetration testing has many advantages, can be directly in front of the injection and other operations, can also save the trouble of looking for various tools. The front end is the most direct! So these two days began to organize a variety of Firefox and chrome infiltration plug-ins to learn.

Firefox

Not explained. Firefox has been a penetrating test of the weapon, than the celestial Baidu browser and 360 browser and other do not know the strong to where to go.

1.Firebug

Firebug has been a lot of program apes and hackers to choose the important factor of Firefox, famous, I believe as long as the development experience will certainly be familiar with this plugin. Recommended Nanyi's Firebug Getting Started guide. the detailed tutorial waits for me to open the PHP time to tidy up again.

2.User Agent Switcher

This is a plugin that changes the client user agent, allowing you to see the page model in your phone in your browser. I used it in front-end development.

3.Hackbar

Hackbar is also a very popular tool for penetrating, 91ri.org the necessary tools of the Siege division, providing SQL injection and XSS attacks, the ability to quickly encode strings.

In the future will be detailed introduction of this plug-in construction and use

4.HttpFox

This is a plug-in that monitors and analyzes HTTP traffic between the browser and the Web server.

5.Live HTTP Headers

Instantly view HTTP headers for a Web page.

6.Tamper Data

View and modify Http/https header and Post parameters

7.ShowIP

The status bar displays the current page's IP address, host name, ISP, country, and city information.

8.OSVDB

Very powerful, exploiting the source of vulnerability database retrieval

9.Packet Storm Search Plugin

Packet Storm provides plug-ins that can search for vulnerabilities, tools, and exploits

10.Offsec exploit-db Search

This plugin can search for exploit-db information (seemingly MSF is useful)

11.Security Focus Vulnerabilities Search Plugin

Search for vulnerabilities on security focus

12.Cookie Watcher

Show cookies on the status bar

13.Header Spy

Display HTTP headers in the status bar

14.Groundspeed

Manipulate the application user interface

15.CipherFox

Display the current SSL/TLS encryption algorithms and certificates in the status bar

16.XSS Me

XSS Test Extension

17.SQL Inject Me

SQL injection Test Extension

18.Wappalyzer

View the applications used by the site

19.Poster

Send HTTP requests that interact with the Web server and view the results of the output

20.javascript Deobfuscator

Display JavaScript code running on a Web page

21.Modify Headers

Modify the HTTP request header

22.FoxProxy

Firefox's agent tool, this should be very familiar with it. The proxy feature enables us to intercept and modify requests. To intercept the request and manipulate it.

23.FlagFox

Can be displayed in the Address bar or status bar on the current site of the country's flag, there are more other features, such as: Double-click flag can achieve WOT function, mouse click is the WHOIS function. Of course, users can set the shortcut keys in the options to achieve such functions as copy IP, Wikipedia query and so on.

24.Greasemonkey

Greasemonkey allows you to add DHTML statements (user scripts) to any Web page to change how they are displayed. Just like CSS allows you to take over the style of a Web page, user script allows you to easily control any aspect of web design and interaction.

25.Domain Details

Display server type, IP address, domain name registration information, etc.

26.Websecurify

Websecurity is the extension of Firefox for web security monitoring software and can be used for security assessment of Web applications

27.XSSed Search

This plugin can search the xssec.com cross-site Scripting database

28.ViewStatePeeker

View ASP. iewstate

29.CryptoFox

Crack MD5, encryption/decryption tools

30.WorldIP

Display the server's IP, address, ping, Traceroute, RDNs, and other information

31.Server Spy

Identify the type of Web server accessed, the version, and the plug-in for the IP address

32.Default passwords

Search cirt.net Default Password database

33.Snort IDS Rule Search

Search for Snort's IDs rules, which are useful for signing development applications

34.FireCAT

Firecat (Firefox Catalog of Auditing exTensions) is a list of the most effective and useful application security audits and risk assessment tools (these tools are published in the form of Firefox plugins). The types of security tools that are not collected in Firecat include: Fuzzer, Agent, and application scanner.

Firefox penetration test Hack plugin set