Web Application Security Penetration Testing

by adammuntner

67 Add-ons in this Collection

JSONView by Ben Hollis

Rated 5 out of 5 stars 176 reviews

101,931 users

View JSON documents in the browser.

Wappalyzer by Elbert Alias

Rated 4 out of 5 stars 107 reviews

75,215 users

Wappalyzer is a browser extension that identifies software on websites.

Modify Headers by Gareth Hunt

Rated 4 out of 5 stars 78 reviews

135,206 users

Add, modify and filter the HTTP request headers sent to web servers. This addon is particularly useful for Mobile web development, HTTP testing and privacy.

JavaScript Deobfuscator by Wladimir Palant

Rated 5 out of 5 stars 20 reviews

43,636 users

This add-on shows you what JavaScript code runs on a web page, even if it is obfuscated and generated on the fly. Simply open JavaScript Deobfuscator from the Web Developer menu and watch the scripts being compiled/executed.

Poster by Alex Milowski

Rated 4 out of 5 stars 62 reviews

39,127 users

A developer tool for interacting with web services and other web resources that lets you make HTTP requests, set the entity body, and content type. This allows you to interact with web services and inspect the results...

RefControl by James Abbatiello

Rated 4 out of 5 stars 186 reviews

85,488 users

Control what gets sent as the HTTP Referer on a per-site basis.

SQL Inject Me by Security Compass

Download Now

Experimental

Rated 4 out of 5 stars 26 reviews

10,236 users

SQL Injection vulnerabilites can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vuln...

Screengrab by Andy M

Rated 4 out of 5 stars 587 reviews

17,080 users

Screengrab! saves webpages as images... but not for new versions of Firefox.

FF changes too fast and I don't have the time to maintain it anymore. Bugs have developed that I am not in a position to investigate.

Therefore, Screengrab is EOL.

ShowIP by ShowIP Dev Team

Download Now

Experimental

Rated 3 out of 5 stars 287 reviews

36,064 users

Show the IP address of the current page in the status bar. It also allows querying custom information services by IP (right click) and see location and avaiable vouchers for shopping sites. Additionally you can copy the IP address to the clipboard.

XSS Me by Security Compass

Download Now

Experimental

Rated 4 out of 5 stars 16 reviews

8,084 users

Cross-Site Scripting (XSS) is a common flaw found in todays web applications. XSS flaws can cause serious damage to a web application. Detecting XSS vulnerabilities early in the development process will help protect a web application from unnecessary...

View Source Chart by Jennifer Madden

Rated 5 out of 5 stars 109 reviews

10,350 users

Enables accelerated human processing of DOM

PassiveRecon by Justin Morehouse

Rated 3 out of 5 stars 7 reviews

2,770 users

PassiveRecon provides information security professionals with the ability to perform "packetless" discovery of target resources utilizing publicly available information.

Resurrect Pages by Anthony Lieuallen

Rated 5 out of 5 stars 69 reviews

18,509 users

Dead pages, broken links, the scourge of the internet. Powerhouse sites like Slashdot and Digg can bring a server to its knees. What do we do when a page is dead but we still want to see it? Call in the clerics, and perform a resurrection...

Capture Fox by Capture Fox Developer

Rated 4 out of 5 stars 102 reviews

343 users

You can capture your screen and record your voice to make screencasts (tutorials, e-lessons, etc.).

Greasefire by Steve Krulewitz, Erik Vold

Rated 4 out of 5 stars 162 reviews

8,367 users

Automatically find user scripts on Userscripts.org (requires Greasemonkey or Scriptish)
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
Results 1630 of 67

What are Collections?

Collections are groups of related add-ons that anyone can create and share.

Explore Collections