10+ Google Chrome Extensions for Penetration Testers


The BuiltWith Chrome Extension lets you find out what a website is built with by a simple click on the BuiltWith icon!

BuiltWith is a web site profiler tool. Upon looking up a page, BuiltWith returns all the technologies it can find on the page. BuiltWith’s goal is to help developers, researchers and designers find out what technologies pages are using which may help them to decide what technologies to implement themselves.

BuiltWith technology tracking includes widgets (snap preview), analytics (Google, Nielsen), frameworks (.NET, Java), publishing (WordPress, Blogger), advertising (DoubleClick, AdSense), CDNs (Amazon S3, Limelight), standards (XHTML, RSS), hosting software (Apache, IIS, CentOS, Debian).

Hunter

Hunter lets you find the people behind a website and their email addresses. When you click on the icon, you get a list of people with:

– Names
– Professional email addresses
– Social networks
– Job titles
– The public sources where this data has been collected

All the email addresses are returned with a quality score that rates the confidence that they are accurate.

# Features

✓ Get email addresses from any website: when you are on a website, click on Hunter’s button in your browser to get every email address we found related to the website.

✓ Search a name in the search input to find the email address of someone.

✓ Click the “+” next to a person to save this lead to a list.

✓ Synchronize your leads to your favorite CRM or applications. Salesforce, Hubspot, Pipedrive or Zoho and hundreds of other applications can be connected.

# Is it free?

Yes, Hunter for Chrome is free to use. You get 100 free requests/month and can upgrade your account for more.

IP Address and Domain Information

This extension displays detailed information about the current website. The information can be used for online investigation and SEO purposes.

See IP info (IPv4 and IPv6) such as location, DNS, whois data, routing, domain neighbors, blacklists and ASN information, including a shortcut to your public IP address (myIP info).

See domain info such as Alexa and Quantcast ranking, DMOZ info, social media activity, WOT ranking, whois data and PageRank of every domain.

See provider info such as BGP, IPv4 subnets, IPv6 subnets, connected providers (peers), hosted nameservers, hosted domains, number of spam hosts, bogon subnets and whois data.

Shodan

The Shodan plugin for Chrome automatically checks whether Shodan has any information for the current website. Is the website also running FTP, DNS, SSH or some unusual service? With this plugin you can see all the info that Shodan has collected on a given website/domain.

Wappalyzer


Wappalyzer is a cross-platform utility that uncovers the technologies used on websites. It detects content management systems, ecommerce platforms, web frameworks, server software, analytics tools and many more.

XSS Rays

XSS Rays is a security tool to help pen test large web sites. Its core features include an XSS scanner, XSS Reverser and object inspection. Need to know how a certain page filters output? Don’t have the source? No problem. XSS Rays will blackbox reverse an XSS filter without needing the source code.

You can also extract/view and edit forms non-destructively that normally can’t be edited. For example, if you want to modify the value of a checkbox without changing its type, XSS Rays can link to the object and allow you to change the value without altering the original object.

Using the object inspector you can browse through the window object and edit the contents of the functions in real time allowing you to dissect a web page and understand more how it works. This also works with globally defined functions, you can see which functions the developer has decided to place within the window object.

If you have ever wanted to search all files for a particular string, you can use the search feature to use regular expressions on all scripts and event handlers, highlighting the required keywords.

Google Hack Data Base

Google Hack Data Base is an application for working with the GHDB. Choose a category and click on the query you need. To find a description of the vulnerability, click “Search on www.exploit-db.com”. The application also makes it possible to search for vulnerabilities on a specified site: just click on the search button and enter the site name. This application allows a better understanding of the basics of web security.

HPP Finder

HTTP Parameter Pollution (HPP) is a recently discovered web exploitation technique. Please read the NDSS 2010 paper for more details about the technique. HPP Finder is a Chrome extension designed for detecting HPP attempts. HPP Finder can detect URLs and HTML forms that might be susceptible to parameter pollution, but it is not a complete solution against HPP.
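
As an added illustration (not HPP Finder's own code, and not part of the original page), the sketch below shows one heuristic for the two cases the description names: a URL that carries the same parameter name more than once, and a POST form whose field names collide with parameters already present in its action URL. The function names, the plain-object form representation, the placeholder base URL and the sample inputs are assumptions made for the example.

```javascript
// Added example: heuristic checks for HTTP Parameter Pollution (HPP) exposure.
// Not HPP Finder's code; names and sample inputs are constructed.
const BASE = "https://example.invalid/"; // placeholder base for relative URLs

// Parameter names that occur more than once in a URL's query string.
// URLSearchParams percent-decodes names, so "id" and "%69d" count as one name.
// Names ending in "[]" are skipped as intentional array syntax (assumption).
function duplicateQueryParams(rawUrl) {
  const counts = new Map();
  for (const [name] of new URL(rawUrl, BASE).searchParams) {
    if (name.endsWith("[]")) continue;
    counts.set(name, (counts.get(name) || 0) + 1);
  }
  return [...counts].filter(([, n]) => n > 1).map(([name]) => name).sort();
}

// Field names of a form that also appear in its action URL's query string.
// Only POST forms are reported: on GET submission the browser replaces the
// action's query string with the form data, so no duplicate reaches the server.
function formActionCollisions(form) {
  if (String(form.method || "get").toLowerCase() !== "post") return [];
  const inAction = new Set(new URL(form.action, BASE).searchParams.keys());
  return [...new Set(form.fields)].filter((f) => inAction.has(f)).sort();
}

// Constructed sample inputs.
const sampleUrls = [
  "/view?id=1&page=2",          // clean
  "/view?id=1&page=2&%69d=3",   // "id" repeated, second copy percent-encoded
  "/search?tag[]=a&tag[]=b",    // array syntax, ignored
];
const sampleForm = {
  method: "POST",
  action: "/vote?poll=7&candidate=alice",
  fields: ["candidate", "comment"],
};

function report() {
  return {
    urls: sampleUrls.map((u) => ({ url: u, duplicates: duplicateQueryParams(u) })),
    form: formActionCollisions(sampleForm),
  };
}

console.log(JSON.stringify(report(), null, 2));
```

A hit from either function only marks a request worth reviewing: whether the server uses the first value, the last value, or a concatenation of both depends on the back-end framework.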


Site Spider

Use this extension to spider a website looking for dead links. One can restrict the spidering to a directory, a domain, or any other regular expression. The spider can also follow one link beyond this restriction, allowing one to find broken external links.

Usage: Install the plugin. Go to the page you want to start from. Click the spider icon in your toolbar. Set the restriction regular expression and go. To cancel a spidering session before it has finished, just close its results tab.

Security: Because this is a client-side spider, it uses your own authentication to access pages. Thus it can go wherever you have access to go. This plugin does not log any data or “phone home” in any way. It is completely open source.

Hack Tab Web Security Tests

HackTab is a web vulnerability testing application in your browser. When enabled for a targeted domain, it watches all communication between your browser and the site you are testing and identifies each parameter and its data type. This allows HackTab to re-create any communication between your browser and the target domain and test all HTTP parameter inputs to the application. HackTab only tracks requests to domains you target and includes watermarks on pages it is tracking.

HackTab currently tests for Reflected Cross Site Scripting, Persistent XSS, SQL Injection, Local File Includes and Cross Site Request Forgery. It is blazingly fast and can handle most web forms including forms with CSRF protection.

Hookish!

A Swiss Army knife for advanced penetration testing of web clients. Hookish! does all kinds of hooking into your web app’s DOM and lets you analyze web apps more effectively.

Features:
* Statically analyze any web page for JavaScript issues.
* Hook multiple DOM sources and sinks.
* Hook XHR requests and responses.
* Unsafe anchor tags (target=_blank).
* Hook WebSocket responses.
* Show function call trace.
* Hook XHR responses and correlate with DOM mutations.