5 Firefox addons that every hacker should have.

Quite often, a web-hacker’s only friend is little more than a web-browser. But advancement in extensible browsers has lead to a vast array of hacking-related addons being released into the public. In this entry, I will outline what I believe to be the most useful browser-addons that will streamline the entire web-hacking process.

1. Hackbar

This is one of my favourite addons for Firefox. It’s beauty is in it’s simplicity. No overkill with Hackbar, it does what it says on the tin. There’s nothing more agitating to Hector than when you find an injectable site with 78 columns. Who wants to spend needless minutes counting to infinity? With Hackbar, it automates union select statements by allowing you to specify the column count, and it will print all of the columns for you.

Hackbar has a wealth of other useful features. Don’t want to spend time referencing a decimal chart for the char function? Let hackbar convert a string for you. Just pulled the username and password from the DB to find out the password is an MD5 hash? Just tell hackbar – it will submit the HASH to an array of online MD5 -cracking services.

It’s worth noting that Hackbar is not an exploitation tool that will hack for you – You will still be required to find flaws, and injection points – Hackbar just makes the process a little more automated, saving you an abundance of time.

Download link: https://addons.mozilla.org/en-US/firefox/addon/hackbar/

2. Firebug

How often have you been forced to download the source-code of a webpage, with intent of modifying it’s form contents – or javascript injection to try and accomplish the task a little quicker? If you answered “Way too much fecking time Hector!” – then Firebug is for you. Firebug allows you to modify the content of a page (HTML or Javascript) on the fly – enabling you to modify it to your likings. Annoying javascript input validation? Remove it with Firebug! Form not formulated to your likings? Hack it up real nice, with Firebug!

Download link: https://addons.mozilla.org/en-US/firefox/addon/firebug/

3. Firesheep

Firesheep is a new and innovative addon which allows you to hijack HTTP sessions of users sharing the same network. The potential of Firesheep is endless. From internet cafes to poorly encrypted or even open public networks – Firesheep is a real threat to anyone operating outside the comfort of their home networks. It unfortunately is not yet support for Linux.

Download link: http://codebutler.github.com/firesheep/

4. Tamper Data

Tamper Data is an extremely useful addon, that allows you to modify HTTP/HTTPS headers, along with post parameters on the fly. It’s a great way to get an overview of communication between the browser and server and change data to your requirements.

Download link: https://addons.mozilla.org/en-US/firefox/addon/tamper-data/

5. Add ‘n’ Edit Cookies

A lightweight addon that allows you to edit your cookie session quickly and effectively. A useful addition to the web-hacker’s array of addons.


Download link: https://addons.mozilla.org/en-US/firefox/addon/add-n-edit-cookies/


Notable mentions

XSS Me

“XSS-Me is the Exploit-Me tool used to test for reflected Cross-Site Scripting”.

Download link: https://addons.mozilla.org/en-US/firefox/addon/xss-me/

SQL Inject ME

“SQL Inject Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities. “

Download link: https://addons.mozilla.org/en-US/firefox/addon/sql-inject-me/

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: