The basic idea is using "popular" web browser (in this case "firefox") and its extensions (developed by ethical hackers and coders) to perform pentests and audit assessments.
Here is an updated list of useful security auditing extensions
u can download the OPML here then import it to bookmark, or u can download it manually.
hackbar, "This toolbar will help you in testing sql injections, XSS holes and site security. It is NOT a tool for executing standard exploits and it will NOT learn you how to hack a site. Its main purpose is to help a developer do security audits on his code." running on my browser
Advanced dork : Gives quick access to Google’s Advanced Operators directly from the context menu, helping u for doin google hacking :)
and else.. , so "No more Top 100 security tools, no more LiveCDs and no more exploitation frameworks. A security auditor without toolbox is like a cop without gun."
No comments:
Post a Comment