Browser extensions

There is a lot of browser extensions developed by the community, here are my favorites.

Firefox

All of this following extensions can be found in the HackerFox suite.

  • Calomel SSL Validation : validate the grade of security of the SSL connection. The button will change color depending on the strength of encryption.
  • Firebug :  Firebug is the best addon ever. Used by web developers to can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page.
  • HackBar : perfect to test SQL injections. Easy to use and some options like encoding (base64, url, hex), encryption (md5, sha-256, rot13). You can also alter POST data and your referer.
  • HttpFox : display informations about the query : headers, cookies, POST data, time and so on…
  • JavaScript Deobfuscator : this extension will show you all JavaScript used on a site even it’s hidden or obfuscated. It can be usefull to resolve some challenges :)
  • Live HTTP Headers :  with this addon, you can replay any request and modify all datas sent.
  • Tamper Data : used to intercept request and view/modify headers and post parameters.
  • User Agent Switcher : usefull to change your User Agent in case an application apply filter on it.
  • ViewStatePeeker : decode and reveal viewstate contents of an *.aspx page with a single right click.
  • Wappalyzer :  displays the tools and technology used by the visiting web site.
  • Web Developer : this powerful addon is a must have for every one concerned by web development. It will show you everything you need to know about images, forms, cookies, headers, css, html in the current page.  Plus it adds various tools to the browser.

Chrome

to be continued…

Wordpress testing

Here is the way I usually follow to test a Wordpress install.## Information gatheringGet basic informations with [WPScan](https://wpscan....… Continue reading

« DVWA - XSS reflected

Published on January 20, 2015

Exploit Exercices, Nebula - level02 »

Published on January 13, 2015