Showing posts with label ethical hacking. Show all posts
Showing posts with label ethical hacking. Show all posts

Tuesday, 28 October 2014

How To Use Google Chrome For Hacking

Up till now, firefox was widely used by hackers and pentesters for their day to dayjob due to tremendous plugins that would make their work much easier for them.
However now a days i prefer google chrome more than firefox, due to wide variety of interesting extensions that may provide a great aid in hacking and pentration testing.Their are lots and lots of google chrome extension that can be used for hacking, however i have complied a list of my favorite ones, which i use frequently in order to test different types of web applications for security vulnerabilities.
How To Use Google Chrome For Hacking - Extensions
XSS Rays
Xss rays would certainly be at the top of mylist,  XSS rays includes a scanner, XSS reverser and a DOM inspection tool. Although it does makes the browser a bit unstable when you are performing heavy scans, However it's really handy in detecting XSS attacks. It's a perfect replacement to. XSSME. that is used in firefox for detecting XSS attacks.
Official Description
XSS Rays is asecuritytoolto help pen test large web sites. It's core features include a XSS scanner, XSS Reverser and object inspection. Need to know how a certain page filters output? Don't have the source? No problem. XSS Rays will blackbox reverse a XSS filter without needing the source code.
Websecurify Scanner
Websecurify Scanner is a really powerful scanner capable of detecting lots of web application attacks. Although it generates lots of false positives, mostly related to. CSRF attacks. However it's really handy in detecting XSS attacks. It's fully awesome automated and very user friendly.
Usage
1.All you need to do is to install the websecurity scanner from the link above and visit the following page:https://suite.websecurify.com/foundation
2. Just enter the URL and it will automatically start scanning.
HPP Finder
HPP finder is capable of easily detecting Http Parameter Pollution attacks. HTTP Parameter Pollution is newest type of web application attacks, Their is not very much information available on it as compared to other attacks such as XSS,SQLinjection. However the one that's available is very handy.Official DescriptionHTTP Parameter Pollution (HPP) is a recently discovered web exploitation technique. Please read the NDSS 2010 paper for more details about the technique. HPP Finder is a Chrome extension designed for detecting HPP attempts. HPP Finder can detect URLs and HTML forms that might be susceptible of parameter pollution, but it is not a complete solution against HPP.XSS CHEFXSS Chef is a perfect replacement to BEEF (Browser Exploitation Framework) for google chrome Cookie EditorCookie Editor is a very useful google chrome extension for hackers, I mostly use it, when i am performing session hijacking attacks.

Friday, 10 October 2014

How To Use Google Chrome For Hacking


Up till now, firefox was widely used by hackers and pentesters for their day to dayjob due to tremendous plugins that would make their work much easier for them.

However now a days i prefer google chrome more than firefox, due to wide variety of interesting extensions that may provide a great aid in hacking and pentration testing.Their are lots and lots of google chrome extension that can be used for hacking, however i have complied a list of my favorite ones, which i use frequently in order to test different types of web applications for security vulnerabilities.

How To Use Google Chrome For Hacking - Extensions

XSS Rays

Xss rays would certainly be at the top of mylist,  XSS rays includes a scanner, XSS reverser and a DOM inspection tool. Although it does makes the browser a bit unstable when you are performing heavy scans, However it's really handy in detecting XSS attacks. It's a perfect replacement to. XSSME. that is used in firefox for detecting XSS attacks.

Official Description

XSS Rays is asecuritytoolto help pen test large web sites. It's core features include a XSS scanner, XSS Reverser and object inspection. Need to know how a certain page filters output? Don't have the source? No problem. XSS Rays will blackbox reverse a XSS filter without needing the source code.

Websecurify Scanner

Websecurify Scanner is a really powerful scanner capable of detecting lots of web application attacks. Although it generates lots of false positives, mostly related to. CSRF attacks. However it's really handy in detecting XSS attacks. It's fully awesome automated and very user friendly.

Usage

1.All you need to do is to install the websecurity scanner from the link above and visit the following page:https://suite.websecurify.com/foundation

2. Just enter the URL and it will automatically start scanning.

HPP Finder

HPP finder is capable of easily detecting Http Parameter Pollution attacks. HTTP Parameter Pollution is newest type of web application attacks, Their is not very much information available on it as compared to other attacks such as XSS,SQLinjection. However the one that's available is very handy.Official DescriptionHTTP Parameter Pollution (HPP) is a recently discovered web exploitation technique. Please read the NDSS 2010 paper for more details about the technique. HPP Finder is a Chrome extension designed for detecting HPP attempts. HPP Finder can detect URLs and HTML forms that might be susceptible of parameter pollution, but it is not a complete solution against HPP.XSS CHEFXSS Chef is a perfect replacement to BEEF (Browser Exploitation Framework) for google chrome Cookie EditorCookie Editor is a very useful google chrome extension for hackers, I mostly use it, when i am performing session hijacking attacks

Popular Posts