Top 25 Browser Extensions for Pentesters and Bugbounty Hunters (2022)

extension for hacker

Getting a step ahead of the others, be it other bugbounty hunter or a malicious actor is what every bug bounty hunter or pentester wants. This can be achieved my making your favorite browser, your ultimate hacking tool with help of these amazing browser extensions. 
This is Anugrah SR here with another interesting blog as an extension of my twitter thread that was shared few days ago. Buckled up! Here I will list out all my faviourte browser extensions that can enhance your Pentesting/Bug bounty hunting.

1. FoxyProxy Standard

FoxyProxy is an advanced proxy management tool that completely replaces Firefox's limited proxying capabilities. Put simply, FoxyProxy automates the manual process of editing Firefox's Connection Settings dialog. Hassle of setting up Burp Suite is replaced with a single click now thanks to the help of FoxyProxy.


2. Multi-Account Containers

Firefox Multi-Account Containers lets you keep parts of your online life separated into color-coded tabs. Cookies are separated by container, allowing you to use the web with multiple accounts and integrate Mozilla VPN for an extra layer of privacy. This will let you test for broken access control issues easily.

3. PwnFox


PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit. Features includes:  
- Single click BurpProxy  
- Containers Profiles  
- PostMessage Logger  
- Toolbox injection  
- Security header remover


As said before as it's a power combo, it can be coupled with Burp suite to find Broken access control issues.

4. HackTools

The all in one Red team extension for web pentester. HackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more. With the extension you no longer need to search for payloads in different websites or in your local storage space, most of the tools are accessible in one click. 
Features includes:  
- Dynamic Reverse Shell generator (PHP, Bash, Ruby, Python, Perl, Netcat)
- Shell Spawning (TTY Shell Spawning)
- MSF Venom Builder
- XSS Payloads
- Basic SQLi payloads
- Local file inclusion payloads (LFI)
- Data Encoding
- Obfuscated Files or Information
- Hash Generator (MD5, SHA1, SHA256, SHA512, SM3)
- Useful Linux commands (Port Forwarding, SUID)
- RSS Feed (Exploit DB, Cisco Security Advisories, CXSECURITY)
- CVE Search Engine
- Various method of data exfiltration and download from a remote machine

5. Wappalyzer

In simple terms wappalyzer Identify web technologies. Wappalyzer is a technology profiler that shows you what websites are built with. Find out what CMS a website is using, as well as any framework, ecommerce platform, JavaScript libraries and many more. So if you found a outdated WordPress or other technology you know what to do next.

6. Shodan

Shodan is a search engine that lets users search for various types of servers connected to the internet using a variety of filters. This add-on retrieves data gathered by Shodan.io of the current website you're browsing.  
It displays you general information such as the Organization but also open ports.!

7. DotGit

An extension for checking if .git is exposed in visited websites. A Bugbounty hunter or Pentester will know .git is a gold mine and can escalate to critical issues.

Features:
-   Check if a .git/.svn/.hg folder exists for each site you visit
-   Check if a .env file exists for each site you visit
-   Check if the site is open source (github/gitlab)
-   Check if the site has security.txt
-   You will be notified when a folder is found
-   List of exposed sites found
-   Download the entire .git folder in zip format, even if the files are not listed on the site
-   View .git/config with one click
-   Options for: colors, notifications and downloads

Tip: By default, svn, mercurial and dotenv are disabled, to activate them just go to settings and turn them on

8. Cookie-Editor

Cookie-Editor lets you efficiently create, edit and delete a cookie for the current tab. Perfect for developing, quickly testing or even manually managing your cookies for your privacy. This will help you find vulnerabilities in cookies, low hanging fruits like invalidation of session cookies after logout etc.

9. S3 Bucket List

Hackers love s3, because they are misconfigured most of the time. Easy bug and bounty! 
S3 Bucket List extension will help you find Amazon S3 Buckets while browsing then records it in the add-on content.

10. Hackbar

A HackBar for google chrome/firefox browser. Small tool for pentesting websercurity. 
 Features:
- Load, split, execute url from address bar.
- Custom/add referrer url, User Agent, cookie.
- Tools: md5, sha1, sha256, rot13 encryption, url, base64 encoding, beautifier json data, sql, xss features.

11. Hunter

Find email addresses from anywhere on the web, with just one click. With Hunter for Firefox/Chrome, you can immediately find who to contact when you visit a website. Along with the email addresses, you can get the names, job titles, social networks and phone numbers. All the data has public sources detailed in the search results.

12. Modify Header Value

Modify Header Value can add, modify or remove an HTTP-request-header for all requests on a desired website or URL. This Firefox add-on is very useful if you are an App developer, website designer, or if you want to test a particular header for a request on a website. Good for 403 bypass and all.

13. retire.js

Scan a web app for use of vulnerable JavaScript libraries. The goal of Retire.js is to help you detect use of version with known vulnerabilities. Outdated components are part of OWASP top 10 now, so it's crucial to find and report vulnerable components in a assessment.

14. Temp mail

Temp Mail provides temporary, secure, anonymous, free, disposable email address. 
Forget about spam, advertising mailings, hacking and attacking robots. Keep your real mailbox clean and secure.

15. Open Multiple URLs

Opens a list of URLs and optionally extracts URLs from text. Easy way to validate your mass hunt results and all.

16. Broken Link Checker

A SEO tool to find broken (404) and redirected (301, 307, 308) links in all frames. Easy way to get some bounties by taking over broken social media handles. 
Ahrefs SEO Toolbar is a great alternative. 

17. JSON Formatter

Makes JSON easy to read. Comes handy when you test AEM!

18.  APK Downloader

If you are into Android pentest or want find some quick bugs with apk static analysis, APK Downloader will make your day. Direct download APK file and install the app manually onto your Android devices.

19. Altair GraphQL Client

A beautiful feature-rich GraphQL client for all platforms.
Ever needed to query a graphQL server when you don't have access to the server code? Want to just quickly test a graphQL query? Altair makes this quite easy. You can provide your query and even specify headers to be sent with the request.

20. YesWeHack VDP Finder

This extension tells if visited sites have vulnerability disclosure programs.
This extension tells if visited sites have vulnerability disclosure programs. It will check the domains your are visiting against an offline version of FireBounty databases and also displaying available security.txt.

21. Fake Filler

A form filler that fills all inputs on a page with fake/dummy data.
Fake Filler is the form filler to fill all input fields on a page with randomly generated fake data. This productivity boosting extension is a must for developers and testers who work with forms as it eliminates the need for manually entering values in fields.

22. Blackbox - Select. Copy. Paste & Search

This extension will is the fastest Way to Copy Text from Videos & Images.
Copy the code from any coding video or live video calls and paste it in your text editor just like you copy code from GitHub & Stack Overflow. Next time you can copy the text from recon videos, oneliners from twitter posts and CTF challenges.

23. builtwith

BuiltWith is a web site profiler tool. Upon looking up a page, BuiltWith returns a list all the technologies in use on that page that it can find. It's a alternative to Wappalyzer.

24. iMacros

iMacros is designed to automate the most repetitious tasks on the web. If there’s an activity you have to do repeatedly, just record it in iMacros. The next time you need to do it, the entire task will be completed at the click of a button! With iMacros, you can quickly and easily fill out web forms, download files, extract text and images, and more. The uses are limited only by your imagination!


25. Firefox Relay

Firefox Relay lets you generate email aliases that forward to your real inbox. Use it to hide your real email address and protect yourself from hackers and unwanted mail. It would be really helpful for your bugbounty hunting and opting for free trials etc.

Bonus Extensions from community

Trufflehog

A extension to sniffing out credentials!
The TruffleHog chrome extension looks for API keys and credentials on websites visited, and alerts you if there are any present. This is useful for doing pentests and code reviews, because it helps identify keys that would otherwise either be missed or have to be searched for manually

Thanks Marcin for letting me know about this extension.

That's it!

Hope you liked this list of awesome extensions, do comment down if I have missed out something! Share it with your friends and other hackers to make their browser ultra pro hacking tool!

Feel free to say ‘hai’ to me on twitter or LinkedIn

My Twitter :- https://twitter.com/cyph3r_asr

My LinkedIn:- https://www.linkedin.com/in/anugrah-sr/ 

Want to buy me a coffee?

4 Comments

  1. When it comes to privacy concerns and avoiding tracking, the Utopia P2P browser is the ideal choice. Unlike mainstream browsers, it doesn't collect or transmit your data to third parties. Additionally, it generates a unique fingerprint to protect your real identity.

    ReplyDelete

Post a Comment

Previous Post Next Post