Web Application Security Penetration Testing

by adammuntner

68 Add-ons in this Collection

JSONView by Ben Hollis

Rated 5 out of 5 stars 165 reviews

111,159 users

View JSON documents in the browser.

Wappalyzer by Elbert Alias

Rated 4 out of 5 stars 103 reviews

77,329 users

Wappalyzer is a browser extension that identifies software on websites.

Modify Headers by Gareth Hunt

Rated 4 out of 5 stars 76 reviews

100,941 users

Add, modify and filter the HTTP request headers sent to web servers. This addon is particularly useful for Mobile web development, HTTP testing and privacy.

JavaScript Deobfuscator by Wladimir Palant

Rated 5 out of 5 stars 20 reviews

50,433 users

This add-on shows you what JavaScript code runs on a web page, even if it is obfuscated and generated on the fly. Simply open JavaScript Deobfuscator from the Web Developer menu and watch the scripts being compiled/executed.

Poster by Alex Milowski

Rated 4 out of 5 stars 62 reviews

45,416 users

A developer tool for interacting with web services and other web resources that lets you make HTTP requests, set the entity body, and content type. This allows you to interact with web services and inspect the results...

RefControl by James Abbatiello

Rated 4 out of 5 stars 186 reviews

191,235 users

Control what gets sent as the HTTP Referer on a per-site basis.

Screengrab by Andy M

Rated 4 out of 5 stars 587 reviews

18,755 users

Screengrab! saves webpages as images... but not for new versions of Firefox.

FF changes too fast and I don't have the time to maintain it anymore. Bugs have developed that I am not in a position to investigate.

Therefore, Screengrab is EOL.

ShowIP by ShowIP Dev Team

Download Now

Experimental

Rated 3 out of 5 stars 286 reviews

43,466 users

Show the IP address of the current page in the status bar. It also allows querying custom information services by IP (right click) and see location and avaiable vouchers for shopping sites. Additionally you can copy the IP address to the clipboard.

SQL Inject Me by Security Compass

Download Now

Experimental

Rated 4 out of 5 stars 15 reviews

11,509 users

SQL Injection vulnerabilites can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vuln...

Resurrect Pages by Anthony Lieuallen

Rated 5 out of 5 stars 66 reviews

21,048 users

Dead pages, broken links, the scourge of the internet. Powerhouse sites like Slashdot and Digg can bring a server to its knees. What do we do when a page is dead but we still want to see it? Call in the clerics, and perform a resurrection...

XSS Me by Security Compass

Download Now

Experimental

Rated 4 out of 5 stars 16 reviews

8,975 users

Cross-Site Scripting (XSS) is a common flaw found in todays web applications. XSS flaws can cause serious damage to a web application. Detecting XSS vulnerabilities early in the development process will help protect a web application from unnecessary...

View Source Chart by Jennifer Madden

Rated 5 out of 5 stars 110 reviews

11,812 users

Inspect the DOM at lightning speed.

PassiveRecon by Justin Morehouse

Rated 3 out of 5 stars 7 reviews

2,889 users

PassiveRecon provides information security professionals with the ability to perform "packetless" discovery of target resources utilizing publicly available information.

Greasefire by Steve Krulewitz, Erik Vold

Rated 4 out of 5 stars 162 reviews

9,716 users

Automatically find user scripts on Userscripts.org (requires Greasemonkey or Scriptish)

Capture Fox by Capture Fox Developer

Rated 4 out of 5 stars 102 reviews

411 users

You can capture your screen and record your voice to make screencasts (tutorials, e-lessons, etc.).
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
Results 1630 of 68

What are Collections?

Collections are groups of related add-ons that anyone can create and share.

Explore Collections