USEFUL BROWSER PLUGINS for PENETRATION TESTING / WEB APPLICATION SECURITY TESTING




Firefox

Recon
ShowIP https://addons.mozilla.org/en-US/firefox/addon/showip/
Domain Details https://addons.mozilla.org/en-US/firefox/addon/domain-details/
Passive Recon https://addons.mozilla.org/en-US/firefox/addon/passiverecon/
Request Capture and Modification
Tamper Data https://addons.mozilla.org/en-US/firefox/addon/tamper-data/
Cookies
Cookie Manager+ https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/
Web Services
Poster https://addons.mozilla.org/en-us/firefox/addon/poster/
Page and Script Analysis
Firebug https://addons.mozilla.org/en-US/firefox/addon/firebug/
FlashFirebug https://addons.mozilla.org/en-US/firefox/addon/flashfirebug/
Web Developer https://addons.mozilla.org/en-US/firefox/addon/web-developer/
View Dependencies https://addons.mozilla.org/en-US/firefox/addon/view-dependencies/
JavaScript Deobfuscator https://addons.mozilla.org/en-us/firefox/addon/javascript-deobfuscator/
Header Analysis
Live HTTP Headers https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/
Wappalyzer https://addons.mozilla.org/en-US/firefox/addon/wappalyzer/
Multi Purpose
Hackbar https://addons.mozilla.org/en-US/firefox/addon/hackbar/
Search Engines
Offensive Security ExploitDB https://addons.mozilla.org/en-US/firefox/addon/offensive-security-exploit-dat/
OSVDB https://addons.mozilla.org/en-US/firefox/addon/osvdb/
PacketStorm https://addons.mozilla.org/en-US/firefox/addon/packet-storm-search-plugin/
SecurityFocus https://addons.mozilla.org/en-US/firefox/addon/securityfocus-vulnerabilities-/
Default Passwords - CIRT.net https://addons.mozilla.org/en-US/firefox/addon/default-passwords-cirtne-58786/
Utilities
FireShot https://addons.mozilla.org/en-US/firefox/addon/fireshot/
Capture Fox (up to v6) https://addons.mozilla.org/en-US/firefox/addon/capture-fox/
TabMix Plus https://addons.mozilla.org/en-US/firefox/addon/tab-mix-plus/
NoScript https://addons.mozilla.org/en-US/firefox/addon/noscript/
Less Spam, Please https://addons.mozilla.org/en-US/firefox/addon/less-spam-please/
IE Tab 2 https://addons.mozilla.org/en-US/firefox/addon/ie-tab-2-ff-36/
Misc
JSON View https://addons.mozilla.org/en-US/firefox/addon/jsonview/
RESTClient https://addons.mozilla.org/en-US/firefox/addon/restclient/
FirePath https://addons.mozilla.org/en-US/firefox/addon/firepath/
Groundspeed https://addons.mozilla.org/en-US/firefox/addon/groundspeed/
Elite Proxy Switcher https://addons.mozilla.org/en-US/firefox/addon/elite-proxy-switcher/
FoxyProxy Standard https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/
Host Spy https://addons.mozilla.org/en-US/firefox/addon/host-spy/
ViewStatePeeker https://addons.mozilla.org/en-us/firefox/addon/viewstatepeeker/
User Agent Switcher https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/
CryptoFox https://addons.mozilla.org/en-US/firefox/addon/cryptofox/

Chrome

Recon
IP Address and Domain Information https://chrome.google.com/webstore/detail/lhgkegeccnckoiliokondpaaalbhafoa
Network & Internet Tools https://chrome.google.com/webstore/detail/ekpdpmpcgcmpaeokmclflfpadaklgpji
Request Capture and Modification
Tampermonkey https://chrome.google.com/webstore/detail/dhdgffkkebhmkfjojejmpbldmpobfkfo
Request Maker https://chrome.google.com/webstore/detail/kajfghlhfkcocafkcjlajldicbikpgnp
Dev HTTP Client https://chrome.google.com/webstore/detail/aejoelaoggembcahagimdiliamlcdmfm
Page and Script Analysis
Firebug Lite https://chrome.google.com/webstore/detail/bmagokdooijbeehmkpknfglimnifench
Web Developer https://chrome.google.com/webstore/detail/bfbameneiokkgbdmiekhjnmfkcnldhhm
Web Edit https://chrome.google.com/webstore/detail/knkafdhggfbbpbdojbegpokhiiclpnml
Cookies
Swap My Cookies https://chrome.google.com/webstore/detail/dffhipnliikkblkhpjapbecpmoilcama
Edit This Cookie https://chrome.google.com/webstore/detail/fngmhnnpilhplaeedifhccceomclgfbg
Header Analysis
Recx Security Analyzer https://chrome.google.com/webstore/detail/ljafjhbjenhgcgnikniijchkngljgjda
Wappalyzer https://chrome.google.com/webstore/detail/gppongmhjkpfnbhagpmjfkannfbllamg
HTTPHeaders https://chrome.google.com/webstore/detail/hplfkkmefamockhligfdcfgfnbcdddbg
Utilities
Awesome Screenshot https://chrome.google.com/webstore/detail/alelhddbbhepgpmgidjdcjakblofbmce
NotScript https://chrome.google.com/webstore/detail/odjhifogjcknibkahlpidmdajjpkkcfn
Easy Disposable Email Address https://chrome.google.com/webstore/detail/mkpfodpjhekjdhkchalfflggeoamfajh
IE Tab Multi https://chrome.google.com/webstore/detail/fnfnbeppfinmnjnjhedifcfllpcfgeea
Advanced Encoder / Decoder https://chrome.google.com/webstore/detail/ochhcobhdebiaimobmlnjogeggcgafgd
Proxy Switchy https://chrome.google.com/webstore/detail/caehdcpeofiiigpdhbabniblemipncjj
Chrome Remote Desktop https://chrome.google.com/webstore/detail/gbchcmhmhahfdphkhkmpfmihenigjmpp
Misc
XSS Rays https://chrome.google.com/webstore/detail/kkopfbcgaebdaklghbnfmjeeonmabidj
Postman REST Client https://chrome.google.com/webstore/detail/fdmmgilgnpjigdojojpjoooidkmcomcm
Simple REST Client https://chrome.google.com/webstore/detail/fhjcajmcbmldlhcimfajhfbgofnpcjmb
JSON View https://chrome.google.com/webstore/detail/chklaanhfefbnpoihckbnefhakgolnmc
XPath Helper https://chrome.google.com/webstore/detail/hgimnogjllphhhkhlmebbmlgjoejdpjl

Prepackaged Browsers

Mantra http://www.getmantra.com/download/index.html
Sandcat http://www.syhunt.com/?n=Sandcat.Browser
HconSTF http://www.hcon.in/downloads.html

More mindmaps and templates in the MindMaps section at http://www.amanhardikar.com/mindmaps.html