Firefox add-ons are useful for penetration testers and security analysts. These penetration testing add-ons helps in performing different kinds of attacks, and modify request headers direct from the browser. This way, it reduces the use of a separate tool for most of the penetration testing related tasks.
Drag the downloaded file into the FireFox browser and accept the installation. The scanner icon should appear in the lower right corner (see the screenshot). If not, then the lower toolbar for add-on is disabled. To enable it do: View- Toolbars- Add-on Bar (or just ctrl + /, but the keys do not operate at all systems). Firefox NoScript XSS Warning from Google.com to FCC.gov. Posted by 2 years ago. Firefox NoScript XSS Warning from Google.com to FCC.gov. Hi all, since updating my Firefox and NoScript, I have been receiving an XSS warning from google.com to fcc.gov. Here's a screenshot of the window. Any idea what this is? Oct 10, 2015 Portable Firefox With Web Hacking Addons Bundled. It is useful for instant web app security assessment. Two versions available:-HackerFox-with-Firefox-version-1.5.0.12.zip-HackerFox-with-Firefox-version-2.0.0.20.zip (With XSS-Me, SQL-Inject-Me, Access-Me).
Stop Tracking ( Disconnect )
Stop tracking with “Disconnect”
– open source and
– loads pages 44% faster.
– save upto 39% of bandwidth
– stops tracking more than 2,000+ third-party sites
– keeps your searches private
– was named the best privacy tool by the New York Times (2016),
Cookie Quick Manager
This add-on helps you perform various operations on cookies like viewing, searching, creating, and even editing them.
https://addons.mozilla.org/en-US/firefox/addon/cookie-quick-manager/
HackBar Quantum
Unlike the previous version of Hackbar, this one is compatible with firefox quantum also. This tool helps in testing sql injections, XSS holes and site security.
HTTPS Everywhere
Encrypt the web! With this tool as your add-on, you can apply HTTPS ecryption automatically on all the sites even on those where https: prefix is omitted.
Greasemonkey
Allows you to customize the way a web page displays or behaves, by using small bits of JavaScript.
Injector
Its a lightweight web app bug finder. With the provision of custom injection lists, one can intercept and replay web requests.
User-Agent Switcher and Manager
This is among the coolest ones. You can spoof your user-agent so that it becomes impossible for websites to know specific details about our browser , thus protecting your identity and it also unlocks other utilities like some websites can be made to load much faster if you spoof your user-agent with a mobile device.
Easy XSS
Its a simple to use plugin. It provides you with a menu of various xss payloads. With just one click it gets copied to clipboard and now all we have to do is to paste it in the desired input tag.
Wappalyzer
While doing web app pentesting, its necessary to know the technologies and the software used in building the app and of course the version also. With wappalyzer, it can all be done with single click.
BuiltWith
Its used in finding the technologies used behind a Web application. If Wappalyzer, misses something out, it can be verified with Buildwith.
Web developer
It provides an interface to inspect the HTML, CSS , script code for the web page. You can also edit the code and it will display the current output.
Tor browser
Thats the first thing which pops up in mind when we are talking about online privacy,anonymity and encryption. It’s a modified version of Firefox and it comes with pre-installed privacy add-ons, encryption and an advanced proxy.
Tamper Data for FF Quantum
– Monitor live requests
– Edit headers on live requests
– Cancel live requests
– Redirect live requests
Usage: Click the blue cloud in the toolbar to start tampering. When you’re done, click it again to stop.
uBlock Origin
An efficient blocker which at the same time is soft on CPU and memory. It can load and enforce thousands more filters than other popular blockers out there.
Usage: The big power button in the popup is to permanently disable/enable uBlock for the current web site. It applies to the current web site only, it is not a global power button.
Xss Me For Firefox Browser
NoScript Security Suite
This tool allows potentially malicious web content to run only from sites trusted by you. This tool also protects you from attacks like XSS and other web exploits. Its more of defensive rather than offensive tool, still worth trying.
anonymoX
AnonymoX is an initiative for anonymization on the internet. The aim is to restore the users right of anonymity in the web. Most websites monitor the behaviour of their users, giving the websites hosts the ability to analyze the general users behaviour and create detailed user profiles, which are frequently sold to third parties.
A threat for freedom of speech on the internet manifests in the repression through federal or private organizations. More and more governments censor websites with the excuse of child safety, copyright infringement or the fight against terrorism and thereby limit the freedom of speech.
Easy anonymous web browsing.
– Change your IP-Address and country
– Visit blocked or censored websites.
Xss Me For Firefox Chrome
– Delete cookies, show your public ip, and more
Whenever i open firefox, it *always* makes itself windowed, but with the dimensions of my screen, meaning it's overlapping under windows' task bar, which is really annoying: I always have to manually maximize firefox after i started it.
- If i right click on firefox's icon and go to properties > Shortcut > Run and set to 'Maximized', nothing is changed.
- When I maximize firefox manually, close it, and reopen it, i see briefly firefox maximized, then it quickly changes to windowed mode again.
- I checked in the options and failed to see anything that could help.
- Out of despair, i even tried to blindly search in the variables available in about:config, without luck.
- I tried this on 2 different systems, both with windows 7 x64 installed and 8GB of RAM, without luck.
My system:
Xss Me For Firefox Free
OS: windows 7 home premium x64RAM: 8GBCPU: i7-920