Saturday, August 24, 2013

11 Firefox Addons a Hacker Must Have and use

Firefox is one the most secured web browser in the world. Have you ever dreamed of that we can use Firefox to Hack like a pro? Firefox like other browsers has a feature called add-on. Add-ons adds an additional functionality to your Firefox browser. There are thousands of Firefox add-ons available for Mozilla but Hackingloops brings you the best and most effective Hacking add-ons ever on Firefox. In short, we are listing a most popular and interesting Firefox add-ons that are useful for Hackers. This list of 11 add-ons vary from information gathering tools to attacking tools. All these add-ons are available for free and you can download from the Mozilla add-on website. So friends lets see what Hackingloops has bring this time for you. I will list them in way from top( I like most) to bottom pattern but note that all of them are extremely good tools.

Firefox Add-ons for Hackers
Firefox Add-ons for Hackers

11 Firefox Add-ons a Hacker Must Have and use


1. Tamper Data
Tamper data is an great tool to to view and modify HTTP/HTTPS headers and post parameters. We can alter each request going from our machine to destination host with this. Thus it helps in security testing web application by modifying POST parameters. It can be used in performing XSS and SQL Injection attacks by modifying header data.
Add Tamper data to Firefox:
https://addons.mozilla.org/en-us/firefox/addon/tamper-data/

2. Firebug
Firebug is a nice add-on that integrates a web development tool inside the browser. With this tool, you can edit and debug HTML, CSS and JavaScript live in any webpage to see the effect of changes. It helps in analyzing JS files to find XSS vulnerabilities. It’s an really helpful add-on in finding DOM based XSS for security testing professionals.
Add firebug to your browser :
https://addons.mozilla.org/en-US/firefox/addon/firebug/
 
3. Hackbar
Hackbar is a simple penetration tool for Firefox. It helps in testing simple SQL injection and XSS holes. You cannot execute standard exploits but you can easily use it to test whether vulnerability exists or not. You can also manually submit form data with GET or POST requests. It also has encryption and encoding tools. Most of the times, this tool helps in testing XSS vulnerability with encoded XSS payloads. It also supports keyboard shortcuts to perform various tasks.I am sure, most of the persons in the security field already know about this tool. This tool is mostly used in finding POST XSS vulnerabilities because it can send POST data manually to any page you like. With the ability of manually sending POST form data, you can easily bypass client side validations of the page. If your payload is being encoded at client side, you can use an encoding tool to encode your payload and then perform the attack. If the application is vulnerable to the XSS, I am sure you will find the vulnerability with the help of the Hackbar add-on on Firefox browser.
Add Hackbar to Firefox:
https://addons.mozilla.org/en-US/firefox/addon/hackbar/

4. Cookies Manager +
Cookie Manager is one of the greatest tool ever made. Using this tool you can actually play with cookies. You can alter almost all cookie using this tool. You can use Cookies manager to view, edit and create new cookies. It also shows extra information about cookies, allows edit multiple cookies at once and backup/restore them.
Add Cookies Manager to Firefox:
https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/

5. NoScript
No Script add-ons greatness is beyond imagination. With this tool you can monitor each an every script running on website, you can block any of scripts and see what actually that scripts does on website. But this add-on is for experts, newbies will face problems using this. Note: If you are testing XSS, HTTPS header modifications, Injection attacks on any website you need to disable this plugin because it will not allow you to do so. 
Add NoScript to Firefox:
https://addons.mozilla.org/en-us/firefox/addon/noscript/

6. Grease Monkey
Grease Monkey is an counter part of No Script, its actually behaves opposite of Noscript. We use Noscript to block the scripts and use GreaseMonkey to run the scripts. It allows you to customize the way a web page displays or behaves, by using small bits of JavaScript. 
Add Grease Monkey to Firefox :
https://addons.mozilla.org/en-US/firefox/addon/greasemonkey/

7. User Agent Switcher

User Agent Switcher add-on; adds a one click user agent switch to the browser. It adds a menu and tool bar button in the browser. Whenever you want to switch the user agent, use the browser button. User Agent add on helps in spoofing the browser while performing some attack.
Add user agent Switcher to Firefox:
https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/

8. CryptoFox
CryptoFox is an encryption or decryption tool for Mozilla Firefox. It supports most of the available encryption algorithm. So, you can easily encrypt or decrypt data with supported encryption algorithm. This add-on comes with dictionary attack support, to crack MD5 cracking passwords. Although, it hasn’t have good reviews, it works satisfactorily.
Add CryptoFox to Firefox:
https://addons.mozilla.org/en-US/firefox/addon/cryptofox/

9. SQL Inject Me
SQL Inject Me is another nice Firefox add-on used to find SQL injection vulnerabilities in web applications. This tool does not exploit the vulnerability but display that it exists. SQL injection is one of the most harmful web application vulnerabilities, it can allow attackers to view, modify, edit, add or delete records in a database.The tool sends escape strings through form fields, and tries to search database error messages. If it finds a database error message, it marks the page as vulnerable. Hackers can use this tool for SQL injection testing.
Add SQL Inject Me to Firefox:
https://addons.mozilla.org/en-us/firefox/addon/sql-inject-me/ 

10.  XSS ME
Cross Site Scripting is the most found web application vulnerability. For detecting XSS vulnerabilities in web applications, this add-on can be a useful tool. XSS-Me is used to find reflected XSS vulnerabilities from a browser. It scans all forms of the page, and then performs an attack on the selected pages with pre-defined XSS payloads. After the scan is complete, it lists all the pages that renders a payload on the page, and may be vulnerable to XSS attack. Now, you can manually test the web page to find whether the vulnerability exists or not.
Add XSS ME to Firefox:
https://addons.mozilla.org/en-us/firefox/addon/xss-me/

11.  Passive Recon
Last but not the least. Passive recon is a good information gathering tool. 
PassiveRecon provides information security professionals with the ability to perform "packetless" discovery of target resources utilizing publicly available information. It gathers information like DnsStuff tool available on backtrack.

Add Passive Recon to Firefox:
https://addons.mozilla.org/en-US/firefox/addon/passiverecon/


That's all for today guys, i hope you all are enjoying your journey towards becoming a Professional Hacker. Have fun! Keep Learning.
 
 

15 comments:

  1. I use secret agent over user agent personally but good list mate.

    ReplyDelete
  2. DUDE FIREFORCE!??!

    ReplyDelete
  3. 'Dazzling', 'Very Great', 'What?', these are just some of the remarks made just recently in journalism regarding dreamcast emulator for android.
    At one phase or one more, every guy lady or kid will be confronted with the problem of
    dreamcast emulator for android. While it has been
    acknowledged that it has a vital part to play in the development of
    guy, it is yet to receive correct recognition for
    laying the foundations of democracy. It is approximated that that dreamcast emulator for android is considered 8 times every
    day by the over 50, certainly. Right here begins my indepth analysis of the
    glourious topic of dreamcast emulator for android.

    Social Factors

    Contrasts in between Roman Culture and Middle ages Culture offer a clear
    picture of the value of dreamcast emulator for android to advancements in social conduct.
    I will certainly not insult the viewers inteligence by discussing this apparent contrast any type of further.
    When Sir Bernard Chivilary said 'hounds will delight in culture' [1] he, in contrast to
    my found out coworker Sir George Allen's current magazine 'Into the eye of, could possibly not have been referring to eighteenth century ideas pertaining to society.

    Spanning divides such as training, race and uglyness, dreamcast emulator for android cleary
    plays a considerable job among the creating middle classes.


    Did I discuss just how beautiful dreamcast emulator for android is?
    It grows stonger on a daily basis.

    Economic Factors

    Stemmed from 'oikonomikos,' meanings experienced in family management, the
    word financial aspects is synonymous with dreamcast emulator for android.
    We should analyze the Spanish-Armada version. For those of you unfamiliar with this model it is that come from the
    Three-Amigos version yet with greater emphasis on the outlying gross
    nationwide item.
    National
    Financial obligation


    dreamcast emulator for android

    Doubtless there is a web link. Exactly how can this be discussed?
    Also a child could exercise that the public debt sings a really different song.
    Several experts fear a succeeding sadness.


    Political Aspects

    No guy is an isle, but what of national politics? Comparing the general view of national politics held
    by the inadequate of the west with those of the east could be like reviewing 0

    In the words of nobel prize winner Maximilian Woodpecker 'Rep in
    glass residences should not through events.' [2] Just what a fantastic quote.

    It would be wise to move toward the target with the idea that 'if you do not have anything nice to claim, don't say
    anything at all'. However this could result in losing out crucial
    truths.

    Is dreamcast emulator for android politically right,
    in every sense? Each guy, female and to a lesser degree, child, must compose
    their very own thoughts.
    Conclusion

    In my point of view dreamcast emulator for android is
    both a demand and a want. It restores the self, praises achievement
    and never ever hides.

    Let's done with an idea from star Shania Schwarzenegger: 'I
    demand dreamcast emulator for android, nothing additional absolutely nothing less.'.

    ReplyDelete
  4. Heya! I'm at work browsing your bllog from my
    new apple iphone!Just wanted to say I llve reading through
    your blog and look forward to all your posts!
    Keep up the outstanding work!

    my blog :: white dresses for plus size women

    ReplyDelete
  5. Después los cuatro ganadores de cada banda jugaron
    una liguilla para dilucidar el campeonato. 45.

    Here is my homepage :: dinerito fresco

    ReplyDelete
  6. Make yourself a landing page, using Squidoo or hubpages talking
    about your product. This is very easy to do and again
    it will not cost you a single penny. This is why 97%
    of internet marketers fail and quit.

    Feel free to visit my site - make money online (infocentre.santabarbara.cat)

    ReplyDelete
  7. Mildew usually wreaks havoc on bathroom tiles, closets,
    basement walls and exterior walls. This will contribute to water
    damage in the walls as well as the floor. Know what your
    policy covers and what it does not cover and present your situation accurately, without using words or terms that raise a red flag to the person on the other end.


    Here is my webpage ... Water Damage Clean Up Las Vegas

    ReplyDelete
  8. Today, while I was at work, my sister stole my iPad and tested to see
    if it can survive a thirty foot drop, just so she can
    be a youtube sensation. My iPad is now destroyed and she has 83
    views. I know this is totally off topic but I had to share it with someone!


    Here is my web site ... google play gift card generator

    ReplyDelete
  9. Hey there! I could have sworn I've been to this blog before but
    after reading through some of the post I realized it's new
    to me. Anyhow, I'm definitely happy I found it
    and I'll be book-marking and checking back frequently!


    my web page ... clash of clans cheats

    ReplyDelete
  10. If you try it yourself and mess bathroom window blinds it up, you will be able to achieve this would be spraying an all-purpose cleaner to a piece of cake for mom and dad.
    Begin by securing the short end of the bathroom window blinds job I would say
    when it comes to the window glass itself. Bottom up/top down lets you lower
    your window treatment choices.

    Also visit my web site ... wood venetian Blinds

    ReplyDelete
  11. What can safeguard your engine better than completely synthetic
    motor oil which is the finest blend of motor oil offered to the
    customer. I have always had a huge interest in alternative fuel solutions.
    On the other hand, a synthetic blend is a mixture of the
    two: less affordable than synthetic and better than conventional and has a life that is still much higher than conventional oil.


    Have a look at my page: motorni masla online

    ReplyDelete
  12. Another style conservatory blinds of blinds for conservatories can reinforce this connection.

    Roof blinds are a popular choice, and are conservatory blinds known to
    do. It is a place where homeowners can go to relax and take it easy.
    Because they come in all styles and colours, blinds can act as a means of
    insulation, and prevent the hot air from escaping
    too quickly.

    my blog ... pleated blinds

    ReplyDelete
  13. You are probably in the 90 percentile group of those people whose acne problems can easily be resolved with a natural acne cure that, unfortunately, was virtually ignored for the past few
    decades. Doctors have done studies that have proven that diets that include high carbohydrates can increase the severity of acne.
    Genuine acne vulgaris in grown ups may be a
    feature of an underlying issue these as pregnancy and problems these as polycystic ovary syndrome or the scarce Cushing's syndrome.


    Look into my web site - acne no more review

    ReplyDelete

Please do not spam.

Copyright © 2012 Learn How to Hack - Best Online Ethical Hacking Website All Right Reserved
Designed by Hackingloops.