Browser Plug-Ins and Extensions for Pentesters/Security Analysts

July 11, 2016 | Views: 8563


Sometimes, it’s necessary to probe a server or network without the resources at hand to load bloated proxies or web testing frameworks. Here’s where browser plug-ins and extensions shine.

This short list of plug-ins/extensions is not exhaustive. There are hundreds, if not thousands, of plug-ins and extensions available, with dozens and dozens of them intended for pentesting purposes. They can also readily be repurposed by pentesters.

For a variety of reasons, it’s often necessary for the pentester to view and sometimes change the data that’s exchanged – as browsers request resources from web servers and those servers return the resources. These tools make it possible to see and change cookies, view hidden form fields and even change POST data making SQL injection possible directly from a browser. It’s not command line simple – but pretty close.

You may have already taken a look at site://robots.txt and noted some interesting directories. We’ll set that aside for the time being. What other core web site attributes might we be interested in?

How about cookies? Most, if not all, Content Managers make use of cookies to keep track of the state or value of some variables and other attributes of our unique visit. Using a Cookie Manager will make them more accessible to us as site visitors. Our first browser addition will be a cookie manager plug-in/add-on.

`Cookie Manager+
v.1.11.1
Last Update: 6Jun2016
View, edit, create new cookies
Get it here: Cookie Manager+

Do an Add-On search from a Mozilla-based browser and find other cookie managers`

Now that we can see our cookies, and even change them, keep an eye out for interesting values, including:
`user=
password=
uid=
isloggedin=`

Stuff like that is all too often the site simply maintaining critical objects like Usernames, Passwords, Log on status on your device – making it oh so easy to present spoofed access tokens that should be authenticated, but just aren’t because it’s easier for the site developer to just store them in a cookie and be done with it. After all, cookies are site specific. Right?
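How a server avoids the problem described above, as an added example (not code from the original article): a check that believes the `uid=`/`isloggedin=` cookies, next to one that keeps identity on the server and accepts only a random session id whose MAC verifies. The function names, the `session` cookie name and the in-memory session store are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

# Assumed server-side state: a signing key and an in-memory session store.
SERVER_KEY = secrets.token_bytes(32)
SESSIONS = {}  # session id -> {"uid": ..., "user": ...}


def naive_is_authenticated(cookie_header):
    """Anti-pattern: trusts whatever the browser sends in isloggedin=/uid=."""
    cookies = SimpleCookie(cookie_header)
    if "uid" in cookies and "isloggedin" in cookies:
        if cookies["isloggedin"].value == "1":
            return cookies["uid"].value
    return None


def _mac(sid):
    return hmac.new(SERVER_KEY, sid.encode(), hashlib.sha256).hexdigest()


def issue_session(uid, user):
    """After a real login: store identity server-side, hand out only an id."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"uid": uid, "user": user}
    return f"session={sid}.{_mac(sid)}; HttpOnly; Secure; SameSite=Strict; Path=/"


def hardened_is_authenticated(cookie_header):
    """Accept only an id with a valid MAC that the server still knows about."""
    cookies = SimpleCookie(cookie_header)
    if "session" not in cookies:
        return None
    sid, _, tag = cookies["session"].value.partition(".")
    # Constant-time comparison; an edited id or tag fails here.
    if not hmac.compare_digest(tag.encode(), _mac(sid).encode()):
        return None
    record = SESSIONS.get(sid)  # identity comes from the server, not the cookie
    return record["uid"] if record else None


if __name__ == "__main__":
    edited = "user=admin; uid=0; isloggedin=1"  # constructed, hand-edited cookies
    print("naive check accepts:", naive_is_authenticated(edited))
    print("hardened check accepts:", hardened_is_authenticated(edited))
```
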

 

Ever wonder why a site looks so different on your Smart Phone or Tablet than it does on your Desktop PC? The site is probably using the User-Agent: string associated with your browser. The next addition to our browser will allow us to change that string and make our browser look like a Smartphone (either an Android, iPhone, even a Blackberry). Or, perhaps we have a Linux desktop but would like to see how a site presents itself to a Windoze box.

`Quickly and easily switch between popular user-agent strings.

Get it here: User-Agent Switcher
`

 

We’ve only just begun when it comes to manipulating the data our browser sends a web site. With our next tool, we’ll be able to see and edit GET or POST requests before they leave our browser and get processed by the server we’re investigating.

`TamperData
———-
Use tamperdata to view and modify HTTP/HTTPS headers and post parameters.

Trace and time HTTP response/requests.

Security test web applications by modifying POST parameters.

FYI: The current version of Google Web Accelerator is incompatible with the tampering function of TamperData. Your browser will crash.

Get it here: TamperData Plug-in for Firefox`

 

Our next fun tool is useful for changing the attributes of an already rendered page. Maybe there are hidden fields in a form and we’d much rather see them on the page itself and not have to hunt them down in View Source. So, let’s grab Firebug and use it to inspect any and all the elements of rendered pages. There’s no more forgetting what you entered in that greyed out Password box – just change the attribute for that entry box from “password” to “text” and you’ll no longer be dependent on the page author providing a tick box to “show password.” You can see for yourself that you didn’t make any typos while entering the password.

`Firebug
——-
Firebug integrates with Firefox to put a wealth of development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page…

Get it here: Firebug`

 

Of course, I saved the best for last. This next tool is actually a toolbar that can be added to Firefox the same way your bookmarks can be displayed as a toolbar. Why is this toolbar so handy? With the exception of viewing or changing the User-Agent, this Developer’s tool can do just about everything else we’ve covered above. Like Firebug, it can isolate and view every element of a rendered page. However, it doesn’t have the facility to edit or change any page element the way Firebug can. It does have a menu entry to make all those obfuscated Password boxes visible. Enough preamble:

`Web-Developer & Toolbar
———————–
This is a huge Toolkit of tools for viewing, sometimes manipulating, the data rendered.

Get it here: Web Developer Toolbar`

and a button to hide/reveal the toolbar

`Get Toolbar button: Web Developer Toolbar Button`

 

Thanks and I hope this is useful to you.

16 Comments
  1. Hello everyone!

    This article is a good start.

    This subject has caught my interest lately.

    Test your browser here for a baseline.

    http://ip-check.info/?lang=en

    Here is a great guide I found.

    https://www.bestvpn.com/the-ultimate-privacy-guide/

    Some tools to consider:

    https://github.com/ChrisAntaki/disable-webrtc-firefox

    http://firefox.add0n.com/policy-control.html

    http://firefox.add0n.com/privacy-settings.html

    https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/?src=api

    https://www.eff.org/privacybadger

    https://www.eff.org/https-everywhere

    https://noscript.net/

    Get Rid of FLASH!

    I set mine to HTML 5

    http://mybrowseraddon.com/youtube-flash-html.html

    VLC Media Player kicks in for some media sites.

    https://www.videolan.org/vlc/

    http://linoxide.com/ubuntu-how-to/pipelight-linux/

    I can not speak to this as I use linux, so look around or get a geek to code something for windows.

    https://alternativeto.net/software/flash-player/?platform=windows

    A Browser to consider…I have not tested it yet.

    https://www.palemoon.org/

    There is more, just goes to show how at risk our data is.

    We need DATA RIGHTS as a human right, let’s put a mechanism at the individual level where it belongs. We are in the primitive stage where data is given away, or taken away like on Facebook, Windows 10, etc. etc. The dangers of this are not so obvious, and unfortunately we will learn the hard way. Time for better public policy.

  2. Cliget on Firefox is very useful.
