34 Firefox penetration test plug-ins and 34 firefox penetration tests

Source: Internet
Author: User
Tags domain name registration user agent switcher

34 Firefox penetration test plug-ins and 34 firefox penetration tests

For good work, you must first sharpen the tool. firefox has always been an essential tool for penetration testing. Here, 34 firefox penetration testing auxiliary plug-ins are recommended, it includes penetration testing, information collection, proxy, encryption and decryption, and other functions.

1: Firebug

One of Firefox's five-star powerful recommendation plug-ins cannot be explained more

2: User Agent Switcher

Modifies a User Agent plug-in of the client.

3: Hackbar

A required tool for the attacker to quickly encode strings by providing SQL injection and XSS attacks.

4: HttpFox

Monitor and analyze HTTP traffic between browsers and web servers

5: Live HTTP Headers

Instantly view the HTTP header of a website

6: Tamper Data

View and modify HTTP/HTTPS headers and POST Parameters

7: ShowIP

The status bar displays the IP address, host name, ISP, country, and city information of the current page.

8: OSVDB

Opensource Vulnerability Database Search

9: Packet Storm search plugin

The plug-in provided by Packet Storm allows you to search for vulnerabilities, tools, and exploits.

10: Offsec Exploit-db Search

Search Exploit-db Information

11: Security Focus Vulnerabilities Search Plugin

Search for vulnerabilities on Security Focus

12: Cookie Watcher

Display cookie in the status bar

13: Header Spy

Show HTTP headers in the status bar

14: Groundspeed

Manipulate the application user interface.

15: CipherFox

Display the current SSL/TLS encryption algorithm and certificate in the status bar

16: XSS Me

XSS test Extension

17: SQL Inject Me

SQL Injection Test Extension

18: Wappalyzer

View the applications used by the website

19: Poster

Send an HTTP request that interacts with the Web server and view the output result.

20: Javascript Deobfuscator

Display Javascript code running on the webpage

21: Modify Headers

Modify the HTTP Request Header

22: FoxyProxy

Proxy tools

23: FlagFox

You can display the National Flag of the current website in the address bar or status bar. You can also use other functions, such as double-clicking the national flag to implement the WOT function. Of course, you can set shortcut keys in options to implement functions such as copying IP addresses and querying Wikipedia.

24: Greasemonkey

Greasemonkey allows you to add DHTML statements (User scripts) to any web page to change their display mode. Just like CSS allows you to take over web page styles, and User scripts allow you to easily control all aspects of web page design and interaction. For example:

* Make the URLs displayed on the page become the links that can be directly clicked. * Enhance the practicability of web pages to make websites you visit more in line with your habits. * Attackers can bypass the annoying bugs that often occur on the website.

25: Domain Details

Display Server type, IP address, domain name registration information, etc.

26: Websecurify

Websecurify is an extension of Firefox, a WEB security detection software. It can evaluate the security of Web applications.

27: XSSed Search

Search XSSed. Com cross-site scripting Database

28: ViewStatePeeker

View the iewState of asp.net

29: CryptoFox

Cracking MD5, encryption/Decryption tools

30: WorldIP

Displays the IP address, address, PING, Traceroute, and RDNS of the server.

31: Server Spy

Identifies the type, version, and IP address of the accessed web server.

32: Default Passwords

Search for the CIRT.net default password database.

33: Snort IDS Rule Search

Search for the IDS rules of Snort, which should be useful for signature development.

34: FireCAT

FireCAT (Firefox Catalog of Auditing exTensions) is a list of the most effective and useful application security audit and risk assessment tools (these tools were released as Firefox plug-ins ), security Tool types not collected in FireCAT include fuzzer, proxy and application scanner.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.