FireCAT: Deixando o seu Firefox pronto para um Pentest.

Saiu uma atualização do excelente Firecat, um framework desenvolvido para o Firefox que traz as principais extensões de segurança e aplicações para realização de auditorias ou testes de intrusão voltados ao mundo WEB.

A nova versão, 1.6.2, traz a seguinte lista de novas extensões e aplicações que vêm no Firecat:

FireCAT v1.6.2 – Firefox Catalog of Auditing exTension

• Information Gathering
  • Whois
    • Shazou
      • Finally mapping is integrated with the Firefox browser. The product called Shazou (pronounced Shazoo it is Japanese for mapping) enables the user with one-click to map and geo-locate any website they are currently viewing. Shazou was developed as a tool to improve the awareness for people surfing the internet about where and who they are interacting with every click of the mouse.
    • Active Whois plugin for Firefox
      • Active Whois plug-in for Firefox is launching the easy-to-use networks tool for the retrieving of all information such as country, email and postal addresses for the owners of IP addresses and Internet domains. It possible to investigate any web site including international top level domains to get its ownership details and the location of the servers hosting the site with just a single click.
    • domainFinder
      • Quickly carry out whois lookups on any url on a webpage or carry out a keyword domain search on any highlighted phrase or text.
    • Domain Details
      • Displays Server Type, Headers, IP Address, Location Flag, and links to Whois Reports. Shows links to check server status and cache when page fails to load.
  • Location Info
    • HostIP.info Geolocation Plugin
      • Displays Geolocation information for a website using hostip.info data. Works with all versions of Firefox.
    • ShowIP
      • Show the IP address(es) of the current page in the status bar. It also allows querying custom services by IP (right mouse button) and hostname (left mouse button), like whois, netcraft. Additionally you can copy the IP address to the clipboard. This extension was formerly known as ipv6ident.
    • ASnumber
      • The AS Number Extension displays interesting information the Internet Service Provider of every website visited. Along with it come some additional statistics for those who want to know what happens behind the Webs shiny surface. All data is updated daily and the prefix to AS number mapping is from a real default-free zone BGP feed.
    • Router Status
      • Shows the current status of your local network and devices/routers in the tool or status bar.
  • Enumeration & Fingerprint
    • Header Spy
      • Shows HTTP headers on statusbar.
    • Header Monitor
      • Statusbar with HTTP response header monitor. This is Firefox extension for display on statusbar panel any HTTP response header of top level document returned by a web server. Example: Server (by default), Content-Encoding, Content-Type, X-Powered-By and others.
    • PassiveRecon
      • PassiveRecon provides information security professionals with the ability to perform “packetless” discovery of target resources utilizing publicly available information.
    • Backend Software Information
      • Detect the backend software of the current website (Drupal 5.x, 6.x, WordPress 2.x, Django, phpBB, MediaWiki, MoinMoin, Joomla, Reddit, …).
    • Framework Detector
      • This add-on can automatically detect JavaScript framework/s used in current page. Can detect more than 70 popular JavaScript frameworks, libraries and components, including: Backbase, Dojo/Dijit, Echo, ExtJS, GWT, ICEfaces, jQuery, MooTools, Nitobi, Prototype, qooXdoo, Rialto, Rico, script.aculo.us, SmartClient, Spry, TinyMCE, YUI and many others. Based on WTFramework bookmarklet and Library Detector add-on.
  • Data Mining
    • People Search and Public Record Toolbar
      • This Firefox extension is a handy menu tool for investigators, reporters, legal professionals, real estate agents, online researchers and anyone interested in doing their own basic people searches and public record lookups as well as background research.
    • Who Is This Person?
      • Highlight any name on a web page and see matching information from Wink, LinkedIn, Wikipedia, Facebook, Google News, Technorati, Yahoo Person Search, Spock, WikiYou, ZoomInfo, IMDB, MySpace and more…
    • Facebook Toolbar
      • Integrate your Facebook life into your browser. Search Facebook from anywhere, Get Notified, Connect with Friends, Share Content, Upload Photos.
    • Maltego Firefox Plugin ? The Mesh!
      • Maltego Mesh is a firefox plugin that helps analysts in quickly find usefull information within a page, essentially it views the page you are looking at and tries to identify text within it that fits preset regular expressions.
  • Googling & Spidering
    • Advanced Dork:
      • Advanced Dork: gives quick access to Google’s Advanced Operators directly from the context menu.
    • SpiderZilla
      • SpiderZilla is an easy-to-use website mirror utility, based on Httrack from www.httrack.com.
    • View Dependencies
      • View Dependencies adds a tab to the Page Info window, in which it lists all the files which were loaded to show the current page.
    • Google Site Indexer
      • A Windows search program turned Firefox Extension, GSI Creates Site Maps based on Google queries. Useful for both Penetration Testing and Search Engine Optimization. GSI sends zero packets to the host making it anonymous.
• Proxies & Web Utilities
  • FoxyProxy Standard
    • FoxyProxy is an advanced proxy management tool that completely replaces Firefox’s limited proxying capabilities.
  • Multiproxy Switch
    • This tool lets you switch proxy between multiple configurations, and it’s easy to manage, easy to configure.
  • POW (Plain Old Webserver)
    • Turn the web on its head with the Plain Old Webserver (POW), which adds a server to your browser.
  • httProxy
    • Access any page via configured web based proxies.
• Editors
  • JSView
    • All browsers include a “View Source” option, but none of them offer the ability to view the source code of external files. Most websites store their javascripts and style sheets in external files and then link to them within a web page’s source code.
  • Cert Viewer Plus
    • Certificate viewer enhancements: PEM format view, file export, trust configuration. Extends the certificate viewer dialog with additional options: an X.509 certificate can be displayed in PEM format (opens in a new window) or saved to a file (PEM/DER/PKCS#7).
  • Firebug
    • Firebug integrates with Firefox to put a wealth of development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page.
    • Flashbug
      • A Firebug extension for Flash. Extensive Flash debugging add-on (swf resources, amf data, shared objects, traces, policy log). Requires Flash Player Debugger to display traces. Requires Firebug 1.6+. (For Flash Developers)
    • FirePath
      • FirePath is a Firebug extension that adds a development tool to edit, inspect and generate XPath 1.0 expressions and CSS 3 selectors.
    • Firecookie
      • Firecookie is an extension for Firebug that makes possible to view and manage cookies in your browser.
    • FireRainbow
      • Javascript syntax highlighting for Firebug.
  • XML Developer Toolbar
    • The aim of this toolbar is to help XML developers with their programming efforts by supplying a central toolbar for everything XML.
• Network Utilities
  • Intrusion Detection System
    • Firekeeper
      • Firekeeper is an Intrusion Detection and Prevention System for Firefox. It is able to detect, block and warn the user about malicious sites. Firekeeper uses flexible rules similar to Snort ones to describe browser based attack attempts. Rules can also be used to effectively filter different kinds of unwanted content.
  • Sniffers
    • FFsniFF (FireFox sniFFer)
      • FFsniFF is a simple Firefox extension, which transforms your browser into the html form sniffer. Every time the user click on ‘Submit’ button, FFsniFF will try to find a non-blank password field in the form. If it’s found, entire form (also with URL) is sent to the specified e-mail address. It also has the ability to hide itself in the ‘Extensions manager’. This extension is meant to be as an example of the ‘evil side of Firefox extensions’.
  • Wireless
    • JiWire Wi-Fi Toolbar
      • Find WiFi hotspots and monitor your wireless connection right from your Firefox browser. Quickly locate over 92,000 verified public Wi-Fi hotspots in 115 countries from JiWire’s website through multiple search options. Keep tabs on important…
  • Passwords
    • Unhide Passwords
      • If you aren’t concerned about someone looking over your shoulder and stealing your passwords, why hassle with those obfuscated password fields, where you never know whether you typed your 30 character code correctly or not…This extension shows the contents of password fields in cleartext (instead of the asterisks), to make that process a bit easier.
    • CryptoFox
      • CryptoFox is an encryption/decryption tool for Mozilla Firefox, with dictionary attack support for cracking MD5 passwords.
    • Fireforce
      • Fireforce is a Firefox extension designed to perform brute-force attacks on GET and POST forms. It can use dictionaries or generate passwords based on several character types. Attacks can be performed on two separate fields using two distinct password sources.
  • Protocols & Applications
    • FTP
      • Client and Server
        • CrossFTP
          • This plugin contains two free FTP tools: CrossFTP Client and Server, which provide an easy and simple way to access FTP services and create file sharing environment. CrossFTP Client is a multi-tabbed FTP client for stable transfers. It provides stable utilities to transfer files, browsing/create archives, anti-idles, choose server’s encodings, manage bookmarks, etc.
      • Client
        • FireFTP
          • FireFTP is a free, secure, cross-platform FTP client for Mozilla Firefox which provides easy and intuitive access to FTP servers.
    • DNS
      • DNS Unpinning
        • The DNSUnpinning Firefox extension provides an option in the Tools menu to disable or enable DNS caching/pinning. This extension may be useful to Web application developers, Web application security researchers, and perhaps the occasional system/network administrator of a load-balanced Web service. The extension creates the network.dnsCacheEntries preferences option and sets it to zero at browser startup, and a Tools menu item can set and clear this preference option.
    • ORACLE
      • OraDB Error Code Look-up
        • Simplifies getting details about error numbers hit when developing applications for Oracle database.
    • SQL
      • SQLite Manager
        • Manage any SQLite database on your computer.
      • SIDU DB Web GUI (MySQL + Postgres + SQLite)
        • SIDU is a FREE database client working via web browser. SIDU is simple, intuitive and easy database GUI tool to use. No installation, nor configuration.
• Misc
  • Tweaks & Hacks
    • Greasemonkey
      • Allows you to customize the way a webpage displays using small bits of JavaScript.
      • Scripts
        • Hundreds of scripts, for a wide variety of popular sites, are already available at http://userscripts.org.
    • Technika
      • Browser Automation Extension for Firefox. Technika is a general purpose scripting platform for Firefox. It acts like a standard OS shell scripting environment. You can script everything from the currently viewed page, just like Greasemonkey, and everything in the chrome, just like any browser extensions but without need to reload the browser every time you make a change. The platform will be used as a base component to other projects, such as TSF (Technika Security Framework) and AttackAPI browser extension.
  • Encryption / Hashing
    • Fire Encrypter
      • FireEncrypter is an Firefox extension which gives you encryption/decryption and hashing functionalities right from your Firefox browser, mostly useful for developers or for education & fun.
    • Net-Force Tools (Firefox Extension)
      • This extension adds some of the functionality of the Tools (http://www.net-force.nl/tools) to your right-click menu in Firefox. ASCII <-> Hex, ASCII <-> Binary, Base64 encode/decode, Javascript escape/unescape, MD5 hash, SHA1 hash.
    • FireGPG
      • FireGPG is a Firefox extension under MPL which brings an interface to encrypt, decrypt, sign or verify the signature of text in any web page using GnuPG.
    • MD Hash Tool
      • Message Digest Hash Tool is a Firefox extension which can be used to compute Message Digests for files and/or text strings using various algorithms (currently MD5 and SHA-1). These digests, sometimes referred to as “digital fingerprints”, are commonly used to verify that files have not been corrupted or tampered with. MDHashTool makes it easier for Firefox users to check the integrity of their downloads and generate digests for files they want to share.
  • Antivirus & Malware Scanner
    • QArchive.org web files checker
    • Dr.Web anti-virus link checker
      • This plugin allows you to check any file you are about to download, any page you are about to visit with online version of Dr.Web anti-virus!
    • ClamWin Antivirus Glue for Firefox
      • This extension scans every downloaded file automatically with ClamWin.
    • Fireclam
      • Use ClamAV to scan Firefox downloads for viruses. Every download will automatically be scanned in the background. An alert message is shown if a virus is found. Works on Linux, MacOS X (requires ClamAV) and Windows (requires ClamWin).
    • Web of Trust – Safe Browsing Tool
      • Would you like to know which websites you can trust? The Web of Trust (WOT) add-on is a safe surfing tool for your browser. Traffic-light rating symbols show which websites you can trust when you search, shop and surf on the Web.
    • BitDefender QuickScan
      • BitDefender QuickScan is a very fast antivirus scanner, able to determine in a matter of seconds (up to 1-2 minutes on first-time scans) if a system is infected with malware.
    • Viral Threat Level
      • Adds an image to the status bar indicating the current threat level of the internet. It allows quick access to security information that you can use to help protect yourself, and links to antivirus software comparisons and security extensions.
    • Team Cymru’s MHR
      • Malware Hash Registry (MHR). This extension allows you to quickly check your downloaded files against multiple anti-virus and anti-malware products with just one click.
    • Webutation – Reputation & Security
      • Would you like to know which websites are safe and which website you can trust? The Webutation add-on shows you the reputation of a site with a simple green/yellow/red icon and scan’s websites against virus and bad userfeedback.
    • Malware Hash Fox
      • This addon will scan every downloaded files for presence of viruses using the malwarehash.com service. You will be able to delete infected files and you can enable the option to automatically delete infected files founds.
  • Anti Spoof
    • refspoof
      • Easy spoofing of the URL referer (referrer) featuring a toolbar. This means it allows to pretend to origin from any site by overriding the url referrer in an http request.
  • Anti-phishing / Pharming / Jacking
    • TraceAssure Toolbar
      • TraceAssure’s groundbreaking patent-pending web authentication technology cross references every web page domain with the corresponding IP address. This information is validated against the secure TraceAssure “White List”.
    • Surf Jacking Cookie Security Inspector
      • Checks for insecure cookies based on Sandro Gauci’s Surf Jacking paper. When potentially-insecure sites are being viewed, a warning is displayed on the status bar. More information regarding the vulnerability this extension checks for can be obtained from Sandro’s Paper published on Enable Security. http://enablesecurity.com/2008/08/11/surf-jack-https-will-not-save-you
    • Netcraft Toolbar
      • Blocks phishing sites, helping to protect users from online fraud.
    • Interclue
      • Ever wanted to know what was behind the link before you clicked? Interclue tells you everything you need to know before you open yet another tab.
  • Automation
    • iMacros for Firefox
      • iMacros was designed to automate the most repetitious tasks on the web. If there’s an activity you have to do repeatedly, just record it in iMacros. The next time you need to do it, the entire macro will run at the click of a button! With iMacros, you can quickly and easily fill out web forms, remember passwords, create a webmail notifier, download information from other sites, scrape the Web (get data from multiple sites), and more. You can keep the macros on your computer for your own use, or share them with others by embedding them on your homepage, blog, company Intranet or any social bookmarking service. The uses are limited only by your imagination!
    • TestWise Recorder
      • TestWise Recorder for Firefox works as a browser extension and provides an easy way to record user operations into RWebSpec and Watir automated test scripts.
  • Logs / History
    • ergodoc add-on
      • This module aims to present your information retrieval from activities traces, and increase your reflexivity.
    • Slogger
      • Slogger creates a complete log of your browsing history. It can save every page using the same options as the “Save Page As” command as well as saving a customizable plain text history file.
    • Form History Control
      • An extension to View and Manage form history entries (view, edit, delete, selective clean-up, export/import)
  • Backup & Synchronization
    • FEBE
      • FEBE (Firefox Environment Backup Extension) allows you to quickly and easily backup your Firefox extensions. In fact, it goes beyond just backing up — It will actually rebuild your extensions individually into installable .xpi files. Now you can easily synchronize your office and home browsers.
    • OPIE
      • OPIE (Ordered Preference Import/Export) is a Firefox extension that allows you to import and export your installed extension preferences. This is useful when installing extensions in a new profile, or synchronizing multiple Firefox installations.
    • CLEO
      • CLEO (Compact Library Extension Organizer) is a Firefox extension that works with FEBE to package any number of extensions/themes into a single, installable .xpi file.
• IT Security Related
  • OSVBD Search
    • The Mozilla OSVDB Search utility will add the option to search OSVDB directly from your web browser’s side bar or search box. This will work in the Mozilla-based browsers: FireFox, Mozilla, Beonex, and Netscape.
  • CVE ® dictionary search plugin
    • This plugin lets you search on Common Vulnerabilities and Exposures (CVE®) dictionary.
  • OVAL repository search plugin
    • This plugin lets you search on OVAL Repository.
  • Homeland Security Threat Level
    • Displays the current U.S. Homeland Security Threat Level as an icon in the status bar.
  • Packet Storm search plugin
    • This plugin lets you search on Packet Storm – www.packetstormsecurity.org – database. Packet Storm offers an abundant resource of up-to-date and historical security tools, exploits, and advisories.
  • SecurityFocus Vulnerabilities search plugin
    • This plugin lets you search on Security Focus Vulnerabilities.
  • Offsec Exploit-DB Search
    • This plugin lets you search on Offsec Exploit archive – http://exploit-db.com. Offsec Exploit archive, also known as Explo.it, is the replacement of Milw0rm archive.
  • Security Database (ToolsWatch)
    • Security-Database Tools Watch is updated daily to maintain the community informed. It focuses on the best software ever.
  • SHODAN Computer Search
    • This plugin lets you search using the SHODAN computer search engine. You can get more information about keywords and options at http://shodan.surtri.com/
• Application Auditing
  • HackBar
    • This toolbar will help you in testing sql injections, XSS holes and site security. It is NOT a tool for executing standard exploits and it will NOT teach you how to hack a site. Its main purpose is to help a developer do security audits on his code. If you know what your doing, this toolbar will help you do it faster.
  • Selenium IDE
    • Selenium IDE is an integrated development environment for Selenium scripts. It is implemented as a Firefox extension, and allows you to record, edit, and debug tests. Selenium IDE includes the entire Selenium Core, allowing you to easily and quickly record and play back tests in the actual environment that they will run.
  • RESTTest
    • Construct custom HTTP requests to directly test requests against a server. RESTTest uses the XmlHttpRequest object and allows you to simulate XHR to quickly prototype requests and test security problems. Designed specifically for working with REST sources, supporting all HTTP methods.
  • FireWatir
    • FireWatir has a similar API to Watir, though accesses the DOM by invoking JavaScript by using the JSSh XPI to telnet into the browser. FireWatir is compatible with Firefox 1.5 and above: running on Windows, OSX and GNU\Linux. There is an ongoing merge of FireWatir and Watir; intially through running the Watir unit tests against FireWatir and eventually merging the code-bases.
    • Scripts
      • A collection of examples contributed by a variety of Watir People.
  • Chickenfoot
    • Chickenfoot is a Firefox extension that puts a programming environment in the browser’s sidebar so you can write scripts to manipulate web pages and automate web browsing. In Chickenfoot, scripts are written in a superset of Javascript that includes special functions specific to web tasks.
    • API & Commands
    • Scripts
  • Tamper Data
    • Use tamperdata to view and modify HTTP/HTTPS headers and post parameters. Trace and time http response/requests. Security test web applications by modifying POST parameters.
  • Header Monitor
    • Statusbar with HTTP response header monitor. This is Firefox extension for display on statusbar panel any HTTP response header of top level document returned by a web server. Example: Server (by default), Content-Encoding, Content-Type, X-Powered-By and others.
  • Live HTTP Headers
    • View HTTP headers of a page and while browsing.
  • RefControl
    • Control what gets sent as the HTTP Referer on a per-site basis. You create a list of sites, and the referrer that should be sent for each site. You can choose to send that referrer unconditionally or only for third-party requests. Additionally, you can specify the default behavior for any site not in the list.
  • User Agent Switcher
    • The User Agent Switcher extension adds a menu and a toolbar button to switch the user agent of the browser.
  • Add N Edit Cookies
    • Cookie Editor that allows you add and edit “session” and saved cookies.
  • CookieSwap
    • If you have multiple logins for web based e-mail accounts (like Gmail and Yahoo! mail), then CookieSwap enables you to easily switch between those different user accounts by swapping the ‘cookies’ that the sites use to know your identity.
  • CookieMan Context
    • Adds a context menu to Firefox’s cookie manager and permissions dialogs.
  • Web Developer
    • The Web Developer extension adds a menu and a toolbar with various web developer tools.
  • allcookies
    • Dumps ALL cookies (including session cookies) to Firefox standard cookies.txt file
  • DOM Inspector
    • DOM Inspector is a tool that can be used to inspect and edit the live DOM of any web document or XUL application. The DOM can be navigated using a two-paned window displaying a variety of different views on the document and all nodes within.
    • InspectThis
      • Inspect the current element with the DOM Inspector. Adds an entry to the context menu to open the DOM Inspector on the selected element. Ideal for AJAX, DHTML and JavaScript work.
  • FormFox
    • Do you know where your form information is going? This extension displays the form action (the site to which the information you’ve entered is being sent.) In any place where you can enter data, from search boxes to order forms, mouse over the final Submit button to reveal the destination.
  • Poster
    • A developer tool for interacting with web services and other web resources that lets you make HTTP requests, set the entity body, and content type. This allows you to interact with web services and inspect the results.
  • Exploit-Me
    • Exploit-Me is a suite of Firefox web application security testing tools designed to be lightweight and easy to use.
    • XSS Me
      • Cross-Site Scripting (XSS) is a common flaw found in todays web applications. XSS flaws can cause serious damage to a web application. Detecting XSS vulnerabilities early in the development process will help protect a web application from unnecessary flaws. XSS-Me is the Exploit-Me tool used to test for reflected XSS vulnerabilities.
    • SQL Inject Me
      • SQL Injection vulnerabilities can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vulnerabilities.
    • Access Me
      • Access vulnerabilities in an application can allow an attacker to access resources without being authenticated. Access-Me is a Firefox extension used to test for Access vulnerabilities.
  • SQL Injection
    • SQL Injection is an Upgrade from the old form free, it is a component to transform checkboxes, radio buttons, select elements to a input text and enable disabled elements from all forms in a page. It makes easier to test and identify SQL injection vulnerabilities in web pages.
  • Groundspeed

O lançamento desta nova versão do Firecat foi bem badalado, tanto é que já foram realizados mais de 40.000 download. Ele possui mais 90 extensões disponível. O download do Firecat pode ser realizado na seguinte URL.