Ethical hacking could be great fun if you know about these add-ons.
The creation of penetration testing labs in Kali Linux or Backtrack, has been a popular topic for a long time, but the fact remains that all challenges, practice, and hacking need tools. One of the better known tools is the Addons which comes in many types and forms. We thought it would be fun to bring to you a list of important add-ons for hackers and pentesters. Here are the top 7 that we shortlisted:
1. Tamper Data: This is one of the most used Addons for Pentesters, who traditionally make use of it for viewing and modifying HTTP/HTTPS headers and post parameters, trace and time HTTP response or requests, security test web applications by modifying POST parameters and a lot more. The add-on can be downloaded here.
2. Hack Bar: Another well known and very often used tool, it is mostly used for security audit , and comes strongly recommended for installation and XSS, SQL Encoding/Decoding – MD5, SH1, Base64, Hexing, Splitting etc. The add-on can be downloaded here.
3. Live HTTP Headers: Similar to the Tamper Data add-on, the one big difference this add-on has is that it allows for viewing HTTP headers of a page while browsing. The add-on can be downloaded here.
4. User Agent Switcher: This particular add-on works wonders in adding a menu and a toolbar button to switch the user agent of a browser. This is, in turn, helpful in the changing of a User Agent to IE, Search Robots, I-Phone (I-OS). Besides this, the user can also use this add-on in the creation of his or her own User Agent. The add-on can be downloaded here.
5. Cookie Manager+: This is a great add-on for viewing, editing, creating and injecting cookies. The best thing about the add-on is the fact that it displays extra information about cookies, allows edit multiple cookies at once & backup/restore. The add-on can be downloaded here.
6. HTTP Fox: This add-on works for those looking to monitor and analysing all incoming and outgoing HTTP traffic between the browser and the web servers. The aim of the add-on is to bring the functionality known from tools like Http Watch or IE Inspector to the Firefox browser. The add-on can be downloaded here.
7. Passive Recon: This add-on gives its users the capability of performing “packetless” discovery of target resources utilizing publicly available information. The add-on can be downloaded here.
8.SQL Inject me :SQL Injection vulnerabilites can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vulnerabilities.The add-on can be downloaded here.