34 Firefox penetration test plug-ins and 34 firefox penetration tests
For good work, you must first sharpen the tool. firefox has always been an essential tool for penetration testing. Here, 34 firefox penetration testing auxiliary plug-ins are recommended, it includes penetration testing, information collection, proxy, encryption and decryption, and other functions.
1: Firebug
One of Firefox's five-star powerful recommendation plug-ins cannot be explained more
2: User Agent Switcher
Modifies a User Agent plug-in of the client.
3: Hackbar
A required tool for the attacker to quickly encode strings by providing SQL injection and XSS attacks.
4: HttpFox
Monitor and analyze HTTP traffic between browsers and web servers
5: Live HTTP Headers
Instantly view the HTTP header of a website
6: Tamper Data
View and modify HTTP/HTTPS headers and POST Parameters
7: ShowIP
The status bar displays the IP address, host name, ISP, country, and city information of the current page.
8: OSVDB
Opensource Vulnerability Database Search
9: Packet Storm search plugin
The plug-in provided by Packet Storm allows you to search for vulnerabilities, tools, and exploits.
10: Offsec Exploit-db Search
Search Exploit-db Information
11: Security Focus Vulnerabilities Search Plugin
Search for vulnerabilities on Security Focus
12: Cookie Watcher
Display cookie in the status bar
13: Header Spy
Show HTTP headers in the status bar
14: Groundspeed
Manipulate the application user interface.
15: CipherFox
Display the current SSL/TLS encryption algorithm and certificate in the status bar
16: XSS Me
XSS test Extension
17: SQL Inject Me
SQL Injection Test Extension
18: Wappalyzer
View the applications used by the website
19: Poster
Send an HTTP request that interacts with the Web server and view the output result.
20: Javascript Deobfuscator
Display Javascript code running on the webpage
21: Modify Headers
Modify the HTTP Request Header
22: FoxyProxy
Proxy tools
23: FlagFox
You can display the National Flag of the current website in the address bar or status bar. You can also use other functions, such as double-clicking the national flag to implement the WOT function. Of course, you can set shortcut keys in options to implement functions such as copying IP addresses and querying Wikipedia.
24: Greasemonkey
Greasemonkey allows you to add DHTML statements (User scripts) to any web page to change their display mode. Just like CSS allows you to take over web page styles, and User scripts allow you to easily control all aspects of web page design and interaction. For example:
* Make the URLs displayed on the page become the links that can be directly clicked. * Enhance the practicability of web pages to make websites you visit more in line with your habits. * Attackers can bypass the annoying bugs that often occur on the website.
25: Domain Details
Display Server type, IP address, domain name registration information, etc.
26: Websecurify
Websecurify is an extension of Firefox, a WEB security detection software. It can evaluate the security of Web applications.
27: XSSed Search
Search XSSed. Com cross-site scripting Database
28: ViewStatePeeker
View the iewState of asp.net
29: CryptoFox
Cracking MD5, encryption/Decryption tools
30: WorldIP
Displays the IP address, address, PING, Traceroute, and RDNS of the server.
31: Server Spy
Identifies the type, version, and IP address of the accessed web server.
32: Default Passwords
Search for the CIRT.net default password database.
33: Snort IDS Rule Search
Search for the IDS rules of Snort, which should be useful for signature development.
34: FireCAT
FireCAT (Firefox Catalog of Auditing exTensions) is a list of the most effective and useful application security audit and risk assessment tools (these tools were released as Firefox plug-ins ), security Tool types not collected in FireCAT include fuzzer, proxy and application scanner.