My next class:

Firefox Plugin Collections

Published: 2009-10-08. Last Updated: 2009-10-08 14:18:17 UTC
by Johannes Ullrich (Version: 1)
10 comment(s)

Our reader Mark send us a link to his firefox "Security Suite" https://addons.mozilla.org/en-US/firefox/collection/securitysuite .

Mozilla started offering the ability to setup these collections to make it easier to share sets of plugins like that. Our handler Swa got inspired by Mark's submission, and setup his own https://addons.mozilla.org/en-US/firefox/collection/isc

I think this is a great idea. And I am wondering what plugins our readers would recommend for a suite like this. I can see three different suites:

- Home user security suite
- Security professional suite
- Pentesting suite.

Let me know which tools you would add to either one of them, and I will publish the top 5 plugins in each category (and maybe even setup the corresponding suites)

 

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: firefox plugin
10 comment(s)
My next class:

Comments

Firebug should definitely go into one of the above suites.

oleksiyg

Oct 8th 2009
1 decade ago

Agreed. I like firebug a lot. Probably more for "pros" then home users.

Dr. J

Oct 8th 2009
1 decade ago

I like WOT (Web of Trust) addon. Users can rate sites on a variety of factors. Any links shown in the browser will be accompanied by an icon that will be green, orange, red, or grey (good, scam, malicious, not rated).

Very useful for quickly picking out blackhat SEO poisoned queries in Google or search engine of your choice.

Cress

Oct 8th 2009
1 decade ago

Here's a pen-testing collection https://addons.mozilla.org/en-US/firefox/collection/redspin-web

Joel P.

Oct 8th 2009
1 decade ago

I'm a fan of Ghostery, which lets you know of (and block) web bugs.

https://addons.mozilla.org/en-US/firefox/addon/9609

NotSure

Oct 8th 2009
1 decade ago

Home User: no script, adblock plus, cookie safe, McAfee site advisor, IE tab, ref control.
Security Professional: Home User, external ip, firebug, firecookie, http fox, quick proxy, show ip, tamper data, web developer.
Pentesting Suite: not sure if browser plugins can replace BackTrack or seperate tools such as nmap, netcat/cryptcat, burp/paros, metasploit, etc. but I agree with Joel P. - Nathan Drier's Redspin is nice =)

securityfr3ak

Oct 9th 2009
1 decade ago

A more general use plugin is Prefbar:
http://prefbar.mozdev.org/ I use to disable JS/Java/Popups in one click.

Mathieu

Oct 9th 2009
1 decade ago

Some of the ones I use for WebApp testing include: firebug, xss me, sql inject me, hackbar(for the encoders), add n edit cookies, tamperdata(for when I just don't feel like launching paros or fiddler), and jsview

David Maloney

Oct 9th 2009
1 decade ago

We have recently released the Samurai Web Testing Framework Firefox add-ons collection, available at:
https://addons.mozilla.org/en-US/firefox/collection/samurai

Raul Siles

Oct 10th 2009
1 decade ago


iOpus iMacros can be useful for automating pen-testing procedures, and other tasks.
https://addons.mozilla.org/en-US/firefox/addon/3863

manichattan

Oct 13th 2009
1 decade ago

Login here to join the discussion.


Top of page
Diary Archives