1.) XSS Me
This plugin discovers all the fields on the current page, and gives you the option to launch targeted attacks on each field, or to launch all of its attacks against all fields
https://addons.mozilla.org/en-US/firefox/addon/7598/
2.) SQL Inject Me
From the same group as XSS Me, this plugin finds all fields on the page you’re on and let’s you launch the most common SQL injection attacks against them.
https://addons.mozilla.org/en-US/firefox/addon/7597/
3.) Live HTTP Headers
See exactly what your browser is sending and receiving in real-time.
https://addons.mozilla.org/en-US/firefox/addon/3829/
4.) User Agent Switcher
Change your user-agent on the fly. So, you can make it look like you’re coming from Lynx running on AIX, or like you’re the GoogleBot.
https://addons.mozilla.org/en-US/firefox/addon/59
5.) Web Developer
Modify all sorts of options related to the site you’re viewing. Disable scripting, modify forms, etc., etc. Trust me–good stuff.
https://addons.mozilla.org/en-US/firefox/addon/60
6.) Tamper Data
Lets you view the data that’s being passed back and forth between you and the web server…and let’s you mess with it. Think “WebScarab”, but far simpler, and as a Firefox plugin
https://addons.mozilla.org/en-US/firefox/addon/966
7.) ASnumber
Find the Autonomous System Number (ASN) of the network that your current site is served from. Simple. Useful
https://addons.mozilla.org/en-US/firefox/addon/2072/
8.) DT Whois
Do a domaintools.com lookup of the site you’re currently visiting. If you haven’t used domaintools.com yet, you’ll be even more impressed
https://addons.mozilla.org/en-US/firefox/addon/2855
9.) Firebug
Gives you a developer’s view into the page you’re viewing, showing exactly what scripts are running, what the stylesheet is, etc. Oh, and let’s you change them and see what the result would be. Not really a security thing, but strong enough to be included in a list of musts.
https://addons.mozilla.org/en-US/firefox/addon/1843
10.) SwitchProxy Tool
Allows you to quickly switch back and forth between multiple proxies, or between using your main proxy and going straight out to the Internet. My configuration always includes at least one proxy: localhost:8008 for WebScarab.
https://addons.mozilla.org/en-US/firefox/addon/125
11.) Hackbar
This tool, added on Zach’s (@quine’s) request, is kind of interesting. It allows a lot of functionality from a very simple interface. Essentially, it presents you with the ability to modify the current URL in a number of interesting ways, including giving access to a number of simple tools for translating data formats. Worth adding to the list of essentials.
https://addons.mozilla.org/en-US/firefox/addon/3899/
12)auto page refresh
Reloads web pages every so many seconds or minutes. The function is accessible via the context menu (menu you get when you right click on a web page) or via a drop down menu on the reload button ...
https://addons.mozilla.org/en-US/firefox/addon/115/
 
 
No comments:
Post a Comment