Friday, June 27, 2014

Web Dev and Auditing Tools

I've been using Firefox for a while and I find it to have some of the best tools for web development and basic auditing. So I decided to make a collection of some of the tools I think are very useful. You can check it out here. Just to add some explanation, here's a quick breakdown and explanation of the tools and what you could potentially use them for.

Firebug - This tool is one of my favorites. There is a Javascript console to interact with web pages and inject code in. DOM inspection as easy as a right click. Viewing of CSS and quick editing for adding or removing properties. HTML editing. Network monitoring. Cookie viewing and editing. It's the most amazing web development tool.

NoScript - Not only is this a security tool, it allows you to enable or disable various pieces of Javascript and Flash on a web page. I've used it to see websites before Javascript dynamically alters them and that can be quite useful. Also gives some ways around those annoying Javascript validation checks.

Greasemonkey - A very robust tool to create user scripts. A user script will run when a web page loads, basically giving you an automatic way of injecting Javascript code. On top of that, there is quite a repository of useful tweaks and tools that you can add in. Lots of potential for what you can do with this one.

Tamper Data - Spoof headers. Plain, simple, easy. A great way to check for security holes, bugs or just have fun sending sites erroneous data.

Cookies Manager+ - View and edit cookies. Firebug can do this, but the interface here is a bit better for such tasks in my opinion.

Hackbar - A toolbar with some premade tools to aid in auditing and penetration testing. This won't hack a site for you, but it makes setting up a hack a little bit quicker and a lot easier. It requires some skill and knowledge to use but can give you some ideas of things to look into to learn as well.

RefControl - Spoof your referer. It will allow you to automate spoofing your referer.

User Agent Switcher - Tell a site you're a different browser, a made-up browser, look for security holes or whatever. This allows you to automatically spoof your User-Agent.

Tag Cloud

.NET (1) A+ (1) addon (6) Android (3) anonymous functions (5) application (9) arduino (1) artificial intelligence (2) bash (3) c (7) camera (1) certifications (1) cobol (1) comptia (2) computing (2) css (2) customize (15) encryption (2) error (15) exploit (13) ftp (2) gadget (2) games (2) Gtk (1) GUI (5) hardware (6) haskell (15) help (5) HTML (4) irc (1) java (5) javascript (20) Linux (18) Mac (4) malware (1) math (8) network (5) objects (2) OCaml (1) perl (4) php (8) plugin (6) programming (42) python (24) radio (1) regex (3) security (21) sound (1) speakers (1) ssh (1) telnet (1) tools (11) troubleshooting (1) Ubuntu (3) Unix (4) virtualization (1) web design (14) Windows (6) wx (2)