Top 9 Browser Extensions used by Hackers and Pentesters
Modern web browsers are for their majorities reliable and offer us by default a wide choice of options and features. But you may not know that it is possible to install extensions that will allow you to do much more than just browse the web.
The extension libraries associated with Chrome and Firefox browsers are impressive by the number of extensions available and the differents functionalities they offer. They will allow you to do with your browser everything you want as long what you are looking to do is something possible. For the hackers but also for the researchers and specialists of cybersecurity, these libraries of extensions are true mines of gold.
WHAT YOU WILL NEED
To follow this tutorial, you will need Chrome or Mozilla Firefox on your computer. Whichever browser you use, make sure itâs up to date, then go to the Google Chrome Web Store for Google Chrome users or the Firefox add-ons page for Firefox users.
HTTP HEADER LIVE
âHTTP Header Liveâ is an extension available for Chrome and Firefox browsers used to display header information for a website. This HTTP header information is very useful for analyzing a website, that can help you to find out which charset the website uses, the language, the caching, the authorization, the expiration of the content but also informations about cookies or third-party websites that relay incoming or outgoing information from or to the website where you are.
All these data are not visible by default. âHTTP Header Liveâ allows you to capture in an easy and intuitive way all queries and information transmitted by your browser in the headers of the pages. This extension also allows you to modify the requests you are capturing and then have them re-executed by your browser. This tool is often used by system administrators, web developers, and cybersecurity professionals.
USER-AGENT SWITCHER
To view a web page, your browser sends different information about the type of device that is making the request in order to return the content adapted to the device you are using. For example, most modern websites do not return the same version of a website based on whether you visit it from a computer, tablet, or phone.
Unfortunately your browser can also send a lot of personal information about your machine, your operating system or even the geographical origin of the request.
To avoid this âUser-Agent Switcherâ allows you to quickly and easily change the âUser-Agentâ of your browser offering a choice of 26 different strings and giving you also the possibility to insert a customized one.
The user interface is simple and provides immediate access to the different options available. Once you have selected a new agent, you will have to reload your page for it to be taken into account.
CHAMELEON
Just like âUser-Agent Switcherâ, âChameleonâ allows you to modify the âUser-Agentâ of your browser. But Chameleon also offers a lot of other features that are listed below.
UserAgents
- Random selection in a predefined list of âUser-Agentâ.
- Choice of different operating systems and devices.
- Possibility of customizing the âUser-Agentâ.
- Automatic change of âUser-Agentâ at predefined intervals.
Headers
- Ability to edit certain values sent in your headers.
- Ability to modify the values returned by the âREFERRERâ field.
- Activation of the option âDo not followâ.
Options
- Script injection.
- Follow-up protection.
- Disabling WebSockets.
- Time zone spoofing.
- Screen size spoofing.
- Changing cookie options.
- WebRTC leak prevention.
Whitelist
- Whitelist profile creation.
- Switch from real to fake profile.
- Management and definition of custom rules.
- Support for regular expressions.
Unfortunately for Chrome users this extension is currently only available on Firefox and we do not find any equivalence for Chrome.
Install Chameleon: Firefox
LOCATION GUARD
Modern browsers such as Chrome, Mozilla Firefox, Safari or Opera can transmit to websites that you visit your geographic coordinates that can be used later for example to provide you with targeted content.
Your precise geographic location may be obtained by various methods, which may constitute a violation of your privacy.
âLocation Guardâ allows you to change your geolocation by returning to the websites you visit a fake longitude and latitude. This extension has 4 privacy levels âLow, Medium, High, Fixed Locationâ that you can configure according to your needs.
The first 3 levels âLow, Medium, Highâ are to be used in case you want to let âLocation Guardâ manage itself a new geolocation in a completely random way but remaining coherent with respect to your current position.
The 4th level âFixed Locationâ allows you to set yourself a fake geolocation that will be returned to the websites you visit.
COUNTRY FLAG+
This extension does not represent a great technological innovation but it is nevertheless very appreciable because of its simplicity. Once installed âCountry Flag+â will display in the bar of your browser a flag indicating the country where the server of the website you are currently visiting is located.
By clicking on this flag you will be able to obtain additional information such as the IP address of the server as well as its longitude and latitude. âCountry Flag+â currently supports 240 countries, you have the option in the control panel to change the size of the flags as well as to display the map or not.
PRIVACY BADGER
Browsers can leak a lot of data and personal information, and thatâs exactly what companies want to gain and obtain from the Internet. âPrivacy Badgerâ has been designed to be able to automatically block invisible trackers by analyzing the domains that seem to follow you while browsing the Web.
âPrivacy Badgerâ will send a âDo not followâ signal. If the trackers ignore this request, âPrivacy Badgerâ will take the necessary measures to block them permanently. Moreover, besides the automatic tracker blocking, âPrivacy Badgerâ blocks click tracking on the outgoing links from Facebook, Google and Twitter.
UBLOCK ORIGIN
âuBlock Originâ is an extension that blocks ads and web trackers. Very light in the computer resources usage, this extension is able to use and to treat thousands of filters. Below a screenshot of all blocked items from the French website https://bfmtv.com
Flexible, âuBlock Originâ is not just an ads and tracking blocker. This extension also supports creating and reading filters from custom âhostsâ files.
EXIF VIEWER
The photos contain are a real gold mine in terms of information. You may not know it, but they contain metadata that may reveal information such as where the photo was taken, the type and brand of device used, the date and time, the program used for editing and much more.
To access this information you must have a program or application that can read the âExifâ data in the images. âExif Viewerâ allows you to extract this information quickly and easily with just one click.
BUILDWITH
If for one reason or another you need to know the different technologies used by a specifc website âBuildWithâ is the perfect extension because of its ease of use and the information it returns.
In order to know everything about a website, simply click on the âBuildWithâ icon to see the list of the different services, technologies, hosting, extensions, libraries, social networks, programming language, displaying language associated with the website.
We only mentioned a tiny part of all the information that âBuildWithâ can return about a website because the list is too long to be mentioned here. In addition âBuildWithâ offers you from their website an incredible number of information that can be very useful.
You can for example from their website get a list of million websites using a specific CMS or technology.
If you have any questions about this article, any feedback, suggestion, if you want to share your thoughts with us or either if you would like to join the community and contribute, please feel free to do it using the below comment form.
https://dotweak.com/en/2019/08/18/top-9-browser-extensions-used-by-hackers-and-pentesters-66593399/
ComentĂĄrios
Postar um comentĂĄrio