Browser Plug-Ins and Extensions for Pentesters/Security Analysts

July 11, 2016 | Views: 8453


Sometimes, it’s necessary to probe a server or network without the resources at hand to load bloated proxies or web testing frameworks. Here’s where browser plug-ins and extensions shine.

This short list of plug-ins/extensions is not exhaustive. There are hundreds, if not thousands, of plug-ins and extensions available, with dozens and dozens of them intended for pentesting purposes. They can also readily be repurposed by pentesters.

For a variety of reasons, it’s often necessary for the pentester to view and sometimes change the data that’s exchanged as browsers request resources from web servers and those servers return the resources. These tools make it possible to see and change cookies, view hidden form fields and even change POST data, making SQL injection possible directly from a browser. It’s not command line simple – but pretty close.

You may have already taken a look at site://robots.txt and noted some interesting directories. We’ll set that aside for the time being. What other core web site attributes might we be interested in?

How about cookies? Most, if not all, Content Managers make use of cookies to keep track of the state or value of some variables and other attributes of our unique visit. Using a Cookie Manager will make them more accessible to us as site visitors. Our first browser addition will be a cookie manager plug-in/add-on.

`Cookie Manager+
v.1.11.1
Last Update: 6Jun2016
View, edit, create new cookies
Get it here: Cookie Manager+

Do an Add-On search from a Mozilla-based browser and find other cookie managers`

Now that we can see our cookies, and even change them, keep an eye out for interesting values, including:
`user=
password=
uid=
isloggedin=`

Stuff like that is all too often the site simply keeping critical objects like usernames, passwords and log-on status on your device. That makes it oh so easy to present spoofed access tokens: values that should be authenticated, but just aren’t, because it’s easier for the site developer to store them in a cookie and be done with it. After all, cookies are site specific. Right?
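To make the weakness concrete, here is an added example (not code from the original article) that puts the cookie-trusting pattern beside one common mitigation, an HMAC tag over the value. The `session` cookie name, `SECRET_KEY` and all function names are assumptions made for this sketch; the cookie strings are constructed.

```python
import hashlib
import hmac
from http.cookies import SimpleCookie

# Assumption: a server-side secret; constructed value for this demo only.
SECRET_KEY = b"constructed-demo-key"


def parse(cookie_header):
    """Parse a Cookie: header value into a plain name -> value dict."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    return {name: morsel.value for name, morsel in jar.items()}


def naive_is_logged_in(cookie_header):
    """Weak pattern: login state is whatever the browser sends back."""
    return parse(cookie_header).get("isloggedin") == "1"


def issue_session(uid):
    """Hardened pattern: the cookie carries the uid plus an HMAC tag over it."""
    tag = hmac.new(SECRET_KEY, uid.encode(), hashlib.sha256).hexdigest()
    return f"session={uid}.{tag}"


def verified_uid(cookie_header):
    """Return the uid only when the tag matches; None if edited or missing."""
    value = parse(cookie_header).get("session", "")
    uid, _, tag = value.rpartition(".")
    expected = hmac.new(SECRET_KEY, uid.encode(), hashlib.sha256).hexdigest()
    ok = bool(uid) and hmac.compare_digest(tag.encode(), expected.encode())
    return uid if ok else None


if __name__ == "__main__":
    edited = "uid=1001; isloggedin=1"  # constructed: values typed into a cookie editor
    print("naive check accepts edited cookie:", naive_is_logged_in(edited))
    good = issue_session("1001")
    print("signed cookie, untouched:", verified_uid(good))
    swapped = good.replace("session=1001.", "session=1.")  # uid edited, tag kept
    print("signed cookie, uid edited:", verified_uid(swapped))
```

A signed value only detects editing; keeping the login state in a server-side session keyed by a random identifier avoids putting it in the cookie at all.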

 

Ever wonder why a site looks so different on your Smart Phone or Tablet than it does on your Desktop PC? The site is probably using the User-Agent: string associated with your browser. The next addition to our browser will allow us to change that string and make our browser look like a Smartphone (either an Android, iPhone, even a Blackberry). Or, perhaps we have a Linux desktop but would like to see how a site presents itself to a Windoze box.

`Quickly and easily switch between popular user-agent strings.

Get it here: User-Agent Switcher
`

 

We’ve only just begun when it comes to manipulating the data our browser sends a web site. With our next tool, we’ll be able to see and edit GET or POST requests before they leave our browser and get processed by the server we’re investigating.

`TamperData
———-
Use tamperdata to view and modify HTTP/HTTPS headers and post parameters.

Trace and time HTTP response/requests.

Security test web applications by modifying POST parameters.

FYI: The current version of Google Web Accelerator is incompatible with the tampering function of TamperData. Your browser will crash.

Get it here: TamperData Plug-in for Firefox`
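Because POST parameters can be edited before they leave the browser, the server has to treat every field as untrusted. The following added example (not from the original article) runs the same constructed POST body through a string-built query and a parameterized one; the `users` table, the `name` field and the function names are assumptions made for this sketch.

```python
import sqlite3
from urllib.parse import parse_qs


def make_db():
    """Build a constructed in-memory table to query against."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user")],
    )
    return db


def lookup_vulnerable(db, post_body):
    """Weak pattern: the POST value is pasted into the SQL text."""
    name = parse_qs(post_body)["name"][0]
    sql = "SELECT name FROM users WHERE name = '" + name + "' ORDER BY name"
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, post_body):
    """Hardened pattern: the value is bound as data, never parsed as SQL."""
    name = parse_qs(post_body)["name"][0]
    sql = "SELECT name FROM users WHERE name = ? ORDER BY name"
    return [row[0] for row in db.execute(sql, (name,))]


if __name__ == "__main__":
    db = make_db()
    normal = "name=bob"                          # constructed: what the form sends
    edited = "name=bob%27+OR+%271%27%3D%271"     # constructed: body changed in transit
    for body in (normal, edited):
        print(body)
        print("  string-built :", lookup_vulnerable(db, body))
        print("  parameterized:", lookup_parameterized(db, body))
```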

 

Our next fun tool is useful for changing the attributes of an already rendered page. Maybe there are hidden fields in a form and we’d much rather see them on the page itself and not have to hunt them down in View Source. So, let’s grab Firebug and use it to inspect any and all the elements of rendered pages. There’s no more forgetting what you entered in that greyed out Password box – just change the attribute for that entry box from “password” to “text” and you’ll no longer be dependent on the page author providing a tick box to “show password.” You can see for yourself that you didn’t make any typos while entering the password.

`Firebug
——-
Firebug integrates with Firefox to put a wealth of development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page…

Get it here: Firebug`

 

Of course, I saved the best for last. This next tool is actually a toolbar that can be added to Firefox the same way your bookmarks can be displayed as a toolbar. Why is this toolbar so handy? With the exception of viewing or changing the User-Agent, this Developer’s tool can do just about everything else we’ve covered above. Like Firebug, it can isolate and view every element of a rendered page. However, it doesn’t have the facility to edit or change any page element the way Firebug can. It does have a menu entry to make all those obfuscated Password boxes visible. Enough preamble:

`Web-Developer & Toolbar
———————–
This is a huge Toolkit of tools for viewing, sometimes manipulating, the data rendered.

Get it here: Web Developer Toolbar`

and a button to hide/reveal the toolbar

`Get Toolbar button: Web Developer Toolbar Button`

 

Thanks and I hope this is useful to you.

16 Comments
  1. headline is “Browser Plug-Ins and Extensions for Pentesters/Security Anal…” Sorry, I can't stand it lmao. anyway, good article

  2. Some interesting plugins, thanks!

  3. good Info

  4. Good post!!

  5. Good article
    wappalyzer addon for Firefox, too too for identifying web technologies used in a website.

    • IIRC Wappalyzer is pre-installed in the Firefox browser in Kali-rolling_edition and has been since the first release. Apparently the “professionals” agree with you 🙂 it’s a great add-on. With the numerous tools and tool plugins in Kali, this is one I’ve not had a chance to play with yet.
