Web Application Security Penetration Testing
About this Collection
Web hacking tools for Firefox Plugins are maintained by their authors. We maintain the list, but can not guarantee the trustworthiness of plugins. Maintained by Gotham Digital Science
68 Add-ons in this Collection
Wappalyzer is a browser extension that identifies software on websites.
Add, modify and filter the HTTP request headers sent to web servers. This addon is particularly useful for Mobile web development, HTTP testing and privacy.
A developer tool for interacting with web services and other web resources that lets you make HTTP requests, set the entity body, and content type. This allows you to interact with web services and inspect the results...
Control what gets sent as the HTTP Referer on a per-site basis.
Screengrab by Andy M
Screengrab! saves webpages as images... but not for new versions of Firefox.
FF changes too fast and I don't have the time to maintain it anymore. Bugs have developed that I am not in a position to investigate.
Therefore, Screengrab is EOL.
Show the IP address of the current page in the status bar. It also allows querying custom information services by IP (right click) and see location and avaiable vouchers for shopping sites. Additionally you can copy the IP address to the clipboard.
SQL Injection vulnerabilites can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vuln...
Dead pages, broken links, the scourge of the internet. Powerhouse sites like Slashdot and Digg can bring a server to its knees. What do we do when a page is dead but we still want to see it? Call in the clerics, and perform a resurrection...
Cross-Site Scripting (XSS) is a common flaw found in todays web applications. XSS flaws can cause serious damage to a web application. Detecting XSS vulnerabilities early in the development process will help protect a web application from unnecessary...
PassiveRecon provides information security professionals with the ability to perform "packetless" discovery of target resources utilizing publicly available information.
Automatically find user scripts on Userscripts.org (requires Greasemonkey or Scriptish)
What are Collections?
Collections are groups of related add-ons that anyone can create and share.Explore Collections