HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 48 guests and 2 members online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Web Applicationsarrow What browser to use for web testing?
EH-Net
May 22, 2013, 03:02:58 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: What browser to use for web testing?  (Read 6500 times)
0 Members and 1 Guest are viewing this topic.
millwalll
Guest
« on: October 14, 2011, 08:20:11 AM »
I just wanted to find out what browser people used for web testing what plug ins do they find useful?

At the moment I use frefox and so far use tampa data,foxy proxy,firebug and live headers
I also have chrome install what I used for searching the web if I am using firefox to test a site.

What are you using ? any plug ins you can recommended ?
Logged
tturner
Sr. Member
****
Offline Offline

Posts: 432


View Profile WWW
« Reply #1 on: October 14, 2011, 09:45:26 AM »
Firefox 3.x

As for plugins, it's a rather long list:

Flashgot
Fiddler
Firebug
Tamper data
Passive recon
Fireforce
FoxyProxy
Hackbar
Modify headers
User Agent switcher
Greasemonkey
DOM inspector
Add n edit cookies
Web developer
Wappalyzer

and I'm sure a bunch more that I don't remember off the top of my head.

I also use IE (multiple versions), Links, Chrome and Safari at times as well but FF is my primary.
Logged
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, OPSE, CSWAE, CSTP, VCP

WIP: OSWP, GSSP-JAVA, GXPN

Udacity on hold, again. I suck.

http://sentinel24.com/blog  @tonylturner http://bsidesorlando.org
chrisj
Hero Member
*****
Offline Offline

Posts: 1163


View Profile WWW
« Reply #2 on: October 14, 2011, 10:12:17 AM »
While I'm not doing much web-app testing (job requirements changed at work), I still have to do troubleshooting with load balancers (network engineering side). Currently I use:

Firebug
Firecookie
FoxyProxy
Liveheaders
ShowIP

I think my primary home system actually has more installed.
Logged
OSWP, Sec+
millwalll
Guest
« Reply #3 on: October 15, 2011, 12:15:46 PM »
Cool I will have to look into some them plugins
Logged
hayabusa
Hero Member
*****
Offline Offline

Posts: 1632



View Profile
« Reply #4 on: October 15, 2011, 02:30:10 PM »
I use Chrome, day-to-day, but Firefox for almost all pentests, simply for all of the great plugins.  Just hard to beat, when you have everything in one place.

In addition to those plugins, which chrisj and tturner mentioned, there are so many more (Netcraft, MANY SQL ones, etc - to give a small sampling)
Logged
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH
p0et
Full Member
***
Offline Offline

Posts: 197



View Profile
« Reply #5 on: October 15, 2011, 11:39:47 PM »
I just ran into "Firecat" the other day for Firefox.  It looks like it's a collection of security auditing plugins.
Logged
GCIH, Security+, Network+, A+, MCP, DCSE
millwalll
Guest
« Reply #6 on: October 17, 2011, 03:43:32 AM »
Thanks will defo have play with some these as my new job wants me to test web apps and I am used to doing more network stuff so taking bit time to get used to what tools to use and stuff.
Logged
magnologan
Newbie
*
Offline Offline

Posts: 4



View Profile WWW
« Reply #7 on: October 26, 2011, 12:43:51 PM »
The best browser for web testing is Mantra. A Firefox based browser with all the add-ons for security testing and auditing. Download here: http://getmantra.com/

Try OWASP tools at www.owasp.org. OWASP has a Testing Guide for you to test your web applications.
Logged
OWASP - www.owasp.org
tturner
Sr. Member
****
Offline Offline

Posts: 432


View Profile WWW
« Reply #8 on: October 26, 2011, 01:14:56 PM »
I really like Mantra. Good call! Btw for folks having issues getting it to work with Firefox installed, follow the instructions at http://getmantra.com/forums/Thread-running-mantra-and-firefox-together
Logged
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, OPSE, CSWAE, CSTP, VCP

WIP: OSWP, GSSP-JAVA, GXPN

Udacity on hold, again. I suck.

http://sentinel24.com/blog  @tonylturner http://bsidesorlando.org
MaXe
Hero Member
*****
Offline Offline

Posts: 669


I've just upgraded myself to a cyborg muahahaa!!1


View Profile WWW
« Reply #9 on: October 27, 2011, 03:25:17 PM »
FireFox with:
Tamper Data
Live HTTP Headers
Firebug (must have)
Cookies Manager

And a tool outside the browser:
- Burp Suite Free (intercepting proxy with nice spider features)

And a scripting language like Python. That's pretty much all you need from basic to more advanced exploitation.

I recommend you get some sort of character encoding tool too, for example I use this a lot: http://intern0t.net/xssor/
Logged
I'm an InterN0T'er
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.067 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.