FireCAT 1.4 Released – Firefox Catalog of Auditing Extensions

Use Netsparker


FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful firefox extensions oriented application security auditing and assessment

You can find an online map of Firecat v1.4 here.

Changes for version 1.4

Information Gathering (Enumeration and Fingerprinting)

  • Passive Recon : PassiveRecon allows Information Security professionals the ability to perform “packetless” discovery of target resources utilizing publicly available information

Security Auditing

  • Selenium IDE : Selenium is a test tool for web applications. Selenium tests run directly in a browser, just like real users do
  • RESTTest : Construct custom HTTP requests to directly test requests against a server. RESTTest uses the XmlHttpRequest object and allows you to simulate XHR to quickly prototype requests and test security problems. Designed specifically for working with REST sources, supporting all HTTP methods
  • Acunetix Firefox plugin: Read here a good review by Kev Orrey. Extension submitted by Kev Orrey from VulnerabilityAssessment

IT Security Related

  • Added Milw0rm Exploits Search

Fixes

  • Fixed HashMDTool link
  • Fixed OSVB extension link
  • Fixed US Homeland Security Threat link

You can download FireCAT v1.4 here:

FireCAT 1.4 Source (Zip – 4.6 kb)
FireCAT 1.4 Browsable HTML (Zip – 37.2 kb)
FireCAT 1.4 pdf (PDF – 186.3 kb)

You can actually wget all the tools from here:

http://phrack.fr/tools/FireCAT-1.4

Or read more here.

Posted in: Hacking Tools, Web Hacking

, , , ,


Latest Posts:


Intercepter-NG - Android App For Hacking Intercepter-NG – Android App For Hacking
Intercepter-NG is a multi functional network toolkit including an Android app for hacking, the main purpose is to recover interesting data from the network stream and perform different kinds of MiTM attacks.
dcipher - Online Hash Cracking Using Rainbow & Lookup Tables dcipher – Online Hash Cracking Using Rainbow & Lookup Tables
dcipher is a JavaScript-based online hash cracking tool to decipher hashes using online rainbow & lookup table attack services.
HTTP Security Considerations - An Introduction To HTTP Basics HTTP Security Considerations – An Introduction To HTTP Basics
HTTP is ubiquitous now with pretty much everything being powered by an API, a web application or some kind of cloud-based HTTP driven infrastructure. With that HTTP Security becomes paramount and to secure HTTP you have to understand it.
Cangibrina - Admin Dashboard Finder Tool Cangibrina – Admin Dashboard Finder Tool
Cangibrina is a Python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists etc.
Enumall - Subdomain Discovery Using Recon-ng & AltDNS Enumall – Subdomain Discovery Using Recon-ng & AltDNS
Enumall is a Python-based tool that helps you do subdomain discovery using only one command by combining the abilities of Recon-ng and AltDNS.
RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.


Comments are closed.