Man
Professional
- Messages
- 2,965
- Reaction score
- 488
- Points
- 83
Contents of the article
- Best Hacking Extensions for Firefox Browser
We have already talked about the best extensions for anonymity in Firefox. Today we will continue the topic of browsers and consider the best hacker extensions for Firefox. The article will be useful to everyone, but first of all to bug hunters.
For those who are not aware, top bug hunters earn several tens of thousands of dollars a month by finding vulnerabilities as part of the Bug Bounty program.
The tool is distributed in two versions: Community Edition, which can be used for free, and a paid Pro version, with some additions.
addons.mozilla.org
There is also a function for saving the received data.
addons.mozilla.org
The hacker extension Hackbar will help in testing SQL injections, XSS, LFI, in assessing WAF and overall site security.
addons.mozilla.org
addons.mozilla.org
The screenshot above shows FoxyProxy in action for Burpsuite
addons.mozilla.org
The screenshot shows searching for the git folder using DotGit
addons.mozilla.org
A very useful browser add-on for testing web applications.
addons.mozilla.org
You can create multiple profiles and add different values to the changed titles. All changes can be applied to one tab or the entire site.
This is what the JavaScript code will look like.
addons.mozilla.org
The screenshot shows how the extension found a vulnerable version of JS and marked it with a Medium risk level.
addons.mozilla.org
The found email addresses can be saved in .csv and .txt formats.
addons.mozilla.org
addons.mozilla.org
Clickjacking involves hackers injecting malicious links into buttons or other elements on a website's pages.
addons.mozilla.org
addons.mozilla.org
- Best Hacking Extensions for Firefox Browser
- KNOXSS
- Wappalyzer
- Hackbar
- FoxyProxy
- DotGit
- User Agent Switcher
- ModHeader
- Beautifier & Minifier
- Retire.js
- Email Extractor
- Fake Filler
- Click-jacking
- Cookie Editor
We have already talked about the best extensions for anonymity in Firefox. Today we will continue the topic of browsers and consider the best hacker extensions for Firefox. The article will be useful to everyone, but first of all to bug hunters.
For those who are not aware, top bug hunters earn several tens of thousands of dollars a month by finding vulnerabilities as part of the Bug Bounty program.
Best Hacking Extensions for Firefox Browser
These extensions can be run in the background to find security misconfigurations and security vulnerabilities.KNOXSS
KNOXSS is a popular tool developed by Brazilian security researcher @Brutelogic. The tool is designed to search for Cross-Site Scripting vulnerabilities.The tool is distributed in two versions: Community Edition, which can be used for free, and a paid Pro version, with some additions.
KNOXSS Community Edition – Get this Extension for 🦊 Firefox (en-US)
Download KNOXSS Community Edition for Firefox. Tool for XSS (Cross-Site Scripting) discovery.
Wappalyzer
Wappalyzer is a browser extension that identifies technologies used on websites. It can identify CMS, JS libraries and frameworks, statistics services and much more. The information obtained will help in finding vulnerabilities in a web application.There is also a function for saving the received data.
Wappalyzer – Get this Extension for 🦊 Firefox (en-US)
Download Wappalyzer for Firefox. Identify technologies on websites
Hackbar
When testing a web application or web server, we often change the address bar settings and refresh pages many times. The Hackbar add-on will help you save time and complete these tasks quickly.The hacker extension Hackbar will help in testing SQL injections, XSS, LFI, in assessing WAF and overall site security.
Max HacKBar – Get this Extension for 🦊 Firefox (en-US)
Download Max HacKBar for Firefox. This hackbar moded by Mr bipolar
HackBar – Get this Extension for 🦊 Firefox (en-US)
Download HackBar for Firefox. A HackBar for new firefox (Firefox Quantum). This addon is written in webextension and alternatives to the XUL version of original Hackbar. Press F12 to use HackBar
FoxyProxy
The FoxyProxy extension simplifies the process of changing connection settings in Firefox. It will help you quickly switch between proxy servers. FoxyProxy can create a list of the most frequently used proxy servers and switch between them with one click.The screenshot above shows FoxyProxy in action for Burpsuite
FoxyProxy Standard – Get this Extension for 🦊 Firefox (en-US)
Download FoxyProxy Standard for Firefox. FoxyProxy is an open-source, advanced proxy management tool that completely replaces Firefox's limited proxying capabilities. No paid accounts are necessary; bring your own proxies or buy from any vendor. The original proxy tool, since 2006.
DotGit
DotGit is an extension for checking the presence of git/.svn/.hg folders on a site. The tool will help you find unprotected .env, security.txt files and much more. View .git / config with one click of the mouse. Excellent tool, highly recommended!The screenshot shows searching for the git folder using DotGit
DotGit – Get this Extension for 🦊 Firefox (en-US)
Download DotGit for Firefox. An extension to check if .git is exposed in visited websites. Source code: https://github.com/davtur19/DotGit
User Agent Switcher
Allows you to quickly change the browser's user agent. When communicating with a web server, your browser sends a string of text, or HTTP header, called the User Agent, which contains information about the user's operating system, current browser, rendering engine, and other important components. Based on the user agent, servers respond to the user.A very useful browser add-on for testing web applications.
User-Agent Switcher and Manager – Get this Extension for 🦊 Firefox (en-US)
Download User-Agent Switcher and Manager for Firefox. Spoof websites trying to gather information about your web navigation—like your browser type and operating system—to deliver distinct content you may not want.
ModHeader
ModHeader add-on helps to quickly modify HTTP headers. With this add-on, you can find various vulnerabilities on the site, such as bypassing authorization, modifying cookies, manipulating session data, etc.You can create multiple profiles and add different values to the changed titles. All changes can be applied to one tab or the entire site.
Beautifier & Minifier
With this add-on, you can easily minify and simplify CSS, HTML, and JavaScript code. During penetration testing, we often come across a large chunk of JavaScript code that is sometimes difficult to understand. This hacker extension for Firefox browser can minify the code and turn it into a readable format, which will increase the chances of finding a vulnerability in the site.This is what the JavaScript code will look like.
Beautifer & Minify – Get this Extension for 🦊 Firefox (en-US)
Download Beautifer & Minify for Firefox. This extension helps you quickly to minify and beautify CSS, HTML and JavaScript code! Make your website smaller and faster to load by minifying the JS, HTML and CSS code. HTML & CSS & JavaScript Beautifier/Minifier
Retire.js
Retire.js can detect the version of JS used on a site and find current vulnerabilities in the JavaScript library.The screenshot shows how the extension found a vulnerable version of JS and marked it with a Medium risk level.
retire.js – Get this Extension for 🦊 Firefox (en-US)
Download retire.js for Firefox. Scanning website for vulnerable js libraries.
Email Extractor
The tool allows you to extract and save email addresses of visited pages. A useful tool, often used in social engineering and brute force.The found email addresses can be saved in .csv and .txt formats.
Email Extractor – Get this Extension for 🦊 Firefox (en-US)
Download Email Extractor for Firefox. Automated Email Extraction Tool which extracts email addresses from web pages and AutoSaves them to use anytime.
Fake Filler
The purpose of this extension is to make it easier and faster to fill out forms with generated fake data.
Fake Filler – Get this Extension for 🦊 Firefox (en-US)
Download Fake Filler for Firefox. A form filler that fills all form inputs (textboxes, textareas, radio buttons, dropdowns, etc.) with fake and randomly generated data. The purpose of this extension is to help developers and testers test forms quickly and easily.
Click-jacking
This addon helps find clickjacking vulnerabilities by finding the absence of the X-Frame-Options header on a website. For those who don't know, Clickjacking is an attack that tricks website users into unintentionally clicking on malicious links.Clickjacking involves hackers injecting malicious links into buttons or other elements on a website's pages.
Click-jacking – Get this Extension for 🦊 Firefox (en-US)
Download Click-jacking for Firefox. Adds a red border to all webpages vulnerable to click-jacking and missing X-Frame-Options header
Cookie Editor
Cookie-Editor helps to work with cookies. The user can change, delete, add cookie values. With this add-on, you can test vulnerabilities such as session theft, privilege escalation, incorrect session configuration, etc.
Cookie-Editor – Get this Extension for 🦊 Firefox (en-US)
Download Cookie-Editor for Firefox. Cookie-Editor lets you efficiently create, edit and delete a cookie for the current tab. Perfect for developing, quickly testing or even manually managing your cookies for your privacy.
