How To Use Google Chrome For Hacking?
Up till now, firefox was widely used by hackers and pentesters for their day to day job due to tremendous plugins that would make their work much easier for them. However now a days i prefer google chrome more than firefox, due to wide variety of interesting extensions that may provide a great aid in hacking and pentration testing.
Their are lots and lots of google chrome extension that can be used for hacking, however i have complied a list of my favorite ones, which i use frequently in order to test different types of web applications for security vulnerabilities.
How To Use Google Chrome For Hacking - Extensions
XSS RaysXss rays would certainly be at the top of my list, XSS rays includes a scanner, XSS reverser and a DOM inspection tool. Although it does makes the browser a bit unstable when you are performing heavy scans, However it's really handy in detecting XSS attacks. It's a perfect replacement to XSSME that is used in firefox for detecting XSS attacks.
Official Description
XSS Rays is a security tool to help pen test large web sites. It's core features include a XSS scanner, XSS Reverser and object inspection. Need to know how a certain page filters output? Don't have the source? No problem. XSS Rays will blackbox reverse a XSS filter without needing the source code.
Websecurify Scanner
Websecurify Scanner is a really powerful scanner capable of detecting lots of web application attacks. Although it generates lots of false positives, mostly related to CSRF attacks. However it's really handy in detecting XSS attacks. It's fully awesome automated and very user friendly.
Usage
1. All you need to do is to install the websecurity scanner from the link above and visit the following page:
https://suite.websecurify.com/foundation
2. Just enter the URL and it will automatically start scanning.
HPP Finder
HPP finder is capable of easily detecting Http Parameter Pollution attacks. HTTP Parameter Pollution is newest type of web application attacks, Their is not very much information available on it as compared to other attacks such as XSS, SQL injection. However the one that's available is very handy.
Official Description
XSS CHEF
XSS Chef is a perfect replacement to BEEF (Browser Exploitation Framework) for google chrome, XSS chef will ease your exploitation process. I will write a complete tutorial on it.
Cookie Editor
Cookie Editor is a very useful google chrome extension for hackers, I mostly use it, when i am performing session hijacking attacks.
I hope you have liked my list of favorite google chrome extension for hacking, Depending upon the response, If i get more than 25 comments on this post, I will write up a part 2 of this post "How To Use Google Chrome For Hacking".
Feel free to ask, if you have any questions.