Browser Extensions

You know what software your target is running but how do you determine what vulnerabilities it has? The whole point of l earning a target technology stack is so you can use this information to find associated vulnerabilities.


Here is my favorite extension to do this:



Cookie-Editor


Simple yet powerful Cookie Editor that allow you to quickly create, edit and delete cookies without leaving your tab.

Cookie-Editor is designed to have a simple to use interface that let you do most standard cookie operations. It is ideal for developing and testing web pages or even manual management of cookies for your privacy.


You can easily create, edit and delete a cookie for the current page that you are visiting.

There is also a handy button to mass delete all the cookies for the current page.

You can also Import and/or Export your cookies in a text format for easy sharing or backup.

A search bar is available at the top of the interface to allow you to search for a specific cookie by name.


This is the perfect cookie editor!!!



Wappalyzer


When attempting to exploit a target with a known vulnerability you could just launch your exploit at every target and hope for the best or you can do things a l ittle smarter.

Identifying the target technology stack will help you find the exploits impacting that stack. Not knowing this information will l eave you blind and you will have to take random guesses at which exploits might work.


As you can see in the figure above, Wappalyzer returns us with a bunch of information, like Python, PHP, Apache version, operation system, etc.


23 views0 comments

Recent Posts

See All

LibreNMS

LibreNMS is an open source, powerful and feature-rich auto-discovering PHP based network monitoring system which uses the SNMP protocol. It supports a broad range of operating systems including Linux,

Vulmap – Web Vulnerability

Vulmap is a vulnerability scanning tool that can scan for vulnerabilities in Web containers, Web servers, Web middleware, and CMS and other Web programs, and has vulnerability exploitation functions.

Vigenere Cipher

Vigenere Cipher is a method of encrypting alphabetic text. It uses a simple form of polyalphabetic substitution. A polyalphabetic cipher is any cipher based on substitution, using multiple substitutio