FireCAT
FireCAT is a Firefox Framework Map collection of the most useful security oriented plug-ins. FireCAT has associated Firefox plug-ins that will help performing a vulnerability assessment/ Penetration Test with the following tasks/stages:
File Cookie Editing Information Gathering IT security Related Miscellaneous Network Utilities Security Auditing Web/ Proxy Utilities
It is available in three formats, HTML, PDF and Freemind .mm from here Changes for version 1.4 Information Gathering (Enumeration and Fingerprinting) Passive Recon : PassiveRecon allows Information Security professionals the ability to perform "packetless" discovery of target resources utilizing publicly available information Security Auditing Selenium IDE : Selenium is a test tool for web applications. Selenium tests run directly in a browser, just like real users do RESTTest : Construct custom HTTP requests to directly test requests against a server. RESTTest uses the XmlHttpRequest object and allows you to simulate XHR to quickly prototype requests and test security problems. Designed specifically for working with REST sources, supporting all HTTP methods Acunetix Firefox plugin: Read here a good review by Kev Orrey. IT Security Related Added Milw0rm Exploits Search Changes for version 1.3 Information Gathering (Googling and Spidering) - GSI Google Site indexer (GSI Creates Site Maps based on Google queries. Useful for both Penetration Testing and Search Engine Optimization. GSI sends zero packets to the host making it anonymous)
Information Gathering (Data mining) - Who is this person (Highlight any name on a web page and see matching information from Wink, LinkedIn, Wikipedia, Facebook, Google News, Technorati, Yahoo Person Search, Spock, WikiYou, ZoomInfo, IMDB, MySpace and more...)
- FaceBook Toolbar (Search Facebook from anywhere The Search Box allows you to easily search Facebook no matter)
Information Gathering (Location info) - Router Status (Shows the current status of your router in the status bar and allows you to control it)
Security Auditing - XSS-Me (the Exploit-Me tool used to test for reflected Cross-Site Scripting (XSS) vulnerabilities)
- SQL Inject-Me (the Exploit-Me tool used to test for SQL Injection vulnerabilities)
- FireWatir (Watir is a simple open-source library for automating web browsers. It allows you to write tests that are easy to read and easy to maintain. It is optimized for simplicity and flexibility)
Network utilities (Database) - SQLite Manager (Manage any SQLite database on your computer.)
Requirements:
Firefox obviously!
|