SecFox is collection of addons which is can be used to customize any firefox to a security assessment tool. Check http://a4apphack.com/sf1 for few tips and documentation
Control what gets sent as the HTTP Referer on a per-site basis.
SQL Injection vulnerabilites can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vuln...
Do you know where your form information is going? This extension displays the form action (the site to which the information you've entered is being sent.) In any place where you can enter data, from search boxes to order forms, mouse over the...
A Windows search program turned Firefox Extension, GSI Creates Site Maps based on Google queries. Useful for both Penetration Testing and Search Engine Optimization. GSI sends zero packets to the host making it anonymous.
It adds a tab to the Page Info dialog box, which shows the cookies belonging to the current page.
Manage form history entries (search, edit, cleanup, export/import) and easy text formfiller.
Auto-save text entered in any form while typing to allow fast recovery when disaster strikes.
Control for which webpage form history is saved or not.
Adds a clear cache toolbar button. After installing the extension, find the clear cache button in the toolbar customization...
Simulate WAP browsing by viewing WML (Wireless Markup Language) pages.
Cross-Site Scripting (XSS) is a common flaw found in todays web applications. XSS flaws can cause serious damage to a web application. Detecting XSS vulnerabilities early in the development process will help protect a web application from unnecessary...
Changes the Location Bar of Firefox into a Breadcrumb display with rich and interactive features.
If you have multiple logins for web based e-mail accounts (like Gmail and Yahoo! mail), then CookieSwap enables you to easily switch between those different accounts by swapping the 'cookies' that the sites use to know you.
Displays Server Type, Headers, IP Address, Location Flag, and links to Whois Reports. Shows links to check server status and cache when page fails to load.
PassiveRecon provides information security professionals with the ability to perform "packetless" discovery of target resources utilizing publicly available information.