Web Hacking Firefox Plugins

When conducting a penetration test of a web application, it is very helpful to have some additional functionality built into our web browsers. My primary browser I use for conducting assessments is Mozilla’s Firefox. 

1. AdBlock Plus – I disable this AdBlocker while testing as I want to see all the images and ads. But sometimes I use Firefox for browsing other things.
2. Cookies Manager+ – Add/edit/delete cookies
3. Extended Statusbar – Gives you more info about your system and network traffic (target IP address, time for responses, etc.) in a bar. 
4. Firebug – All around good tool for examining the underlying HTML/JavaScript/other code on the web page. Similar to the “Developer Tools” option in Chrome and 
5. FireGestures – Right click and move the mouse to do things like move back a page, close a tab, etc.
6. FlashFirebug – Allows Firebug to examine flash content
7. FoxyProxy Standard – Quick switching between proxies (Burp, ZAP, remote proxy…)
8. Ghostery – Great replacement for NoScript to block ads/widgets/trackers in pages. Disable it while testing. Enable it after.
9. JSONView – View JSON responses in a pretty format
10. ShowIP – Show the IP of your target in a toolbar
11. User Agent Switcher – Switch user agents to appear like your Firefox is a different browser. Make your own User Agent strings with XSS in them for more fun!
12. Tamper Data – Simple proxy for examining and editing web app traffic. 

Your Suggestions