Diniz Martins
Apr 20, 20211 min
You know what software your target is running but how do you determine what vulnerabilities it has? The whole point of l earning a target technology stack is so you can use this information to find associated vulnerabilities.
Here is my favorite extension to do this:
➥ Cookie-Editor
Simple yet powerful Cookie Editor that allow you to quickly create, edit and delete cookies without leaving your tab.
Cookie-Editor is designed to have a simple to use interface that let you do most standard cookie operations. It is ideal for developing and testing web pages or even manual management of cookies for your privacy.
You can easily create, edit and delete a cookie for the current page that you are visiting.
There is also a handy button to mass delete all the cookies for the current page.
You can also Import and/or Export your cookies in a text format for easy sharing or backup.
A search bar is available at the top of the interface to allow you to search for a specific cookie by name.
This is the perfect cookie editor!!!
➥ Wappalyzer
When attempting to exploit a target with a known vulnerability you could just launch your exploit at every target and hope for the best or you can do things a l ittle smarter.
Identifying the target technology stack will help you find the exploits impacting that stack. Not knowing this information will l eave you blind and you will have to take random guesses at which exploits might work.
As you can see in the figure above, Wappalyzer returns us with a bunch of information, like Python, PHP, Apache version, operation system, etc.