Thursday, March 22, 2007

FireCAT - Firefox Extensions For Web Security

Sometimes it really pays to follow the odd post.

Case in point, the path to an encounter with the FireCAT.

The other day I was going through my RSS feeds and came across a post in my security pile: SecuriTeam Blogs » Procrastinate another 2 minutes.

Not a deeply significant post (no offense Dmitry) but buried in it was a tip to a list of Firefox extensions of particular interest to pen-testers.

So I followed that link...and met up with the FireCAT.

Wow!

FireCAT

I need to say up front, that FireCAT is not an extension.

FireCAT stands for "Firefox Catalog of Auditing Toolbox" and now is at version 0.95.

That link contains a PDF file with the map and linkage as well as a zip file that contains a OPML file that can be imported to be used like a feed/bookmark list.

Simply put by the folks at Security Database who assembled it, FireCAT is a framework map of "...the most useful security orientated extensions" for Firefox. It's a list of dead-useful extensions for the security-minded.

Security Database originally posted the article Turning Firefox to an Ethical Hacking Platform - Security Database Tools Watch.

This spun off into what would become known as FireCAT.

FireCAT Highlights

Looking through the list or the PDF finds a number of neat security related extensions. I don't want to copy Security Database's hard work...but here are just a few choice Firefox extensions in the list most users might find useful:

ShowIP - displays the IP address of the current page in the status bar, with more options.

Shazou - in one click-display a pop-up map showing the geographic location of the IP address of the viewed page.

Advanced dork - provides right-click context menu access to many of Google's Advanced Operators. Pretty handy.

Add N Edit Cookies - allows you to view and edit specific cookies.

Dr.Web anti-virus link checker - provides right-click option to scan a download file or webpage BEFORE you download or load it. Fast and handy. I always scan downloaded files before opening, but this one scans them before you even download! Clever! All done directly on the Dr.Web anti-virus scanning servers not your local pc.

Firebug - Handy tool to check and explore the web-page coding on pages.

While I wouldn't recommend most of them to everyone, some are quite specialized and others have some "complaints" expressed in the Add-on comments for them, they are worth looking into.

Take a look at the whole FireCAT list and see if any might fit your needs.

Cool stuff!

--Claus

1 comment:

Anonymous said...

Hello,
Most extensions enumerated in FireCAT 1.4 can be found in a package on phrack.fr :
http://phrack.fr/tools/FireCAT-1.4.tar.gz