12 Penetration Testing Add-On
12 Penetration Testing Add-On: 1. FoxyProxy Standard: This advance proxy management add-on for the Firefox internet browser supplements the built-in proxy capabilities of Firefox. The add-on switches the user’s internet connection over one or more proxy servers based on the URL patterns and has many other features as well.
2. Firebug: This tool allows the user to debug and edit JavaScript, HTML and CSS live on a webpage and see the changes take effect. The add-on is useful for analysing JavaScript files for XSS vulnerabilities.
3. Web Developer: This add-on helps in penetration testing by adding various web development tools to Firefox.
4. User Agent Switcher: This add-on is useful if you want to spoof your browser while attacking a network. It places a tool bar on the browser that lets you switch between user agent and browser seamlessly.
5. Live HTTP Headers: The add-on displays live headers for each of the HTTP requests and responses on Firefox. It also allows the user to save header information by a click of a button. It is a really helpful tool for penetration testers.
6. Tamper Data: This add-on is quite similar to the one above, but it brings the added header editing capacity to Firefox. The user can view and then modify HTTP and HTTPS headers and post parameters. You can use it for penetration testing for web applications by modifying the POST parameters. It can also be used to make XSS and SQL Injection attacks.
7. Hackbar: This penetration testing tool for Firefox helps the user in testing simple SQL injection and XSS loopholes through Firefox. In addition, the add-on also has encoding and encryption tools, which can help in testing XSS vulnerability using encoded XSS payloads.
8. Websecurify: This add-on can detect most of the common vulnerabilities in any web applications. It is a complete penetration testing tool that can be added to the Firefox brower.
9. Add N Edit Cookies: As the name suggests, this Firefox browser lets the user add or edit the cookies data for the browser. It is quite useful for penetration testing, especially when trying to perform session hijacks.
10. XSS Me: This add-on helps in detecting XSS vulnerabilities in web applications. It scans all the different forms of a web page and then attacks the pages that qualify with a predefined XSS payload.
11. SQL Inject Me: This one helps in finding SQL injection vulnerabilities in web applications. It displays the vulnerabilities in a web application without exploiting them.
12. FlagFox: This browser adds a country’s flag on Firefox and determines where a web server is located. The add-on also has a web server.