1. FOX TAB:
3D in your browser! FoxTab brings innovative 3D functionality to your Firefox.
New! Top Sites for FoxTab (aka Speed Dial).
Now you can access your most favorite sites from the familiar FoxTab interface.
FoxTab is a popular 3D tab management extension.
FoxTab powers Firefox with the following main features:
✔ Top Sites (aka Speed Dial) for quickly accessing your favorite web sites.
✔ Tab Flipper – to easily flip between opened tabs using mouse or keyboard gestures.
✔ Recently Closed Tabs – for reopening a tab that was recently closed.
Choose between 6 attractive 3D layouts.
2. GREASE MONKEY:
3. TAMPER DATA:
Use tamperdata to view and modify HTTP/HTTPS headers and post parameters.
Trace and time http response/requests.
Security test web applications by modifying POST parameters.
FYI current version of Google Web Accelerator is incompatible with the tampering function of TamperData. Your browser will crash.
4. XSS ME:
Cross-Site Scripting (XSS) is a common flaw found in todays web applications. XSS flaws can cause serious damage to a web application. Detecting XSS vulnerabilities early in the development process will help protect a web application from unnecessary flaws. XSS-Me is the Exploit-Me tool used to test for reflected XSS vulnerabilities.
5. ALEXA SPARKY:
Sparky is Alexa Internet’s free Firefox status bar plugin. Sparky accompanies you as you surf, providing you with Alexa data about the sites you visit without interrupting your browsing.
Discover website traffic trends — Is this site getting more popular, or less?
Get detailed traffic information including Reach and Rank — How does this site’s traffic compare to other sites on the Web?
Surf more efficiently with Related Links for each page — If I like this site, are there others that I might want to visit?
Gracefully navigate past dead end error pages — Enable Sparky’s optional custom error handling to get relevant alternative links when your browser encounters a network error.
Plus, as you browse with Sparky, you’re helping to make the Web a better place for everybody by contributing to the traffic information that Alexa provides.
6. SQL INJECT ME:
SQL Injection vulnerabilites can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vulnerabilities.
SQL Inject Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities.
The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack.
The tool works by sending database escape strings through the form fields. It then looks for database error messages that are output into the rendered HTML of the page.
The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.
This toolbar will help you in testing sql injections, XSS holes and site security. It is NOT a tool for executing standard exploits and it will NOT teach you how to hack a site. Its main purpose is to help a developer do security audits on his code. If you know what your doing, this toolbar will help you do it faster. If you want to learn to find security holes, you can also use this toolbar, but you will probably also need a book, a lot of Google and a brain
# The advantages are:
– Even the most complicated urls will be readable
– The focus will stay on the textarea, so after executing the url (Ctrl+Enter) you can just go on typing / testing
– The url in textarea is not affected by redirects.
– I tend to use it as a notepad
– Useful tools like on the fly uu/url decoding etc.
– All functions work on the currently selected text.
– MD5/SHA1/SHA256 hashing
– MySQL/MS SQL Server/Oracle shortcuts
– XSS useful functions
– And lots more Go test it!
– Load url ( Alt + A )
– Split url ( Alt + S )
– Execute ( Alt + X, Ctrl + Enter )
– INT -1 ( Alt – )
– INT +1 ( Alt + )
– HEX -1 ( Ctrl Alt – )
– HEX +1 ( Ctrl + Alt + )
– MD5 Hash ( Alt + M )
– MySQL CHAR() ( Alt + Y )
– MS SQL Server CHAR() ( Alt + Q )