I love the convenience of having readily available tools for hacking / pentesting right there in your browser. There are a lot of these on the market, but below are some essential ones which I love and should be checked out.(I am only listing FireFox because I use it, you can find similar for other browser by doing some googles)
Handy for basic anonymity when performing web attacks/tests. *ensure that you have no logged in services running while you are on Tor or you risk them being intercepted by nefarious individuals*
Pasive Recon Plugin
A great plugin which gives you 1-click access to a nice list of passive web recon/OSINT tools. Good for discovering more about websites/online services. Also includes Google Dorks.
No-Script is an essential add-on regardless of if you are doing web application penetration tests or just browsing the net. It stops scripts from being loaded in your browser – eliminating a huge potential of getting infected with a maliciousnasties.
Good for finding intel on image files on the net. Before all big image hosting services and social networks got savvy to this, one could potentially find GPS coordinates of images taken from smart phones/cameras. This was ideal for would be stalkers/burglers.
This is probably the worst plugin you can have installed for day-to-day use as it reveals your password once you hover over it in a browser. Anyone walking past at the wrong time could see it. But it is very handy when performing attacks against online devices. For example – one could find a list of weakly authenticated modem/routers online using Shodan or uMap… once in, they can find the PPPoE account password from the devices, and use this to log into the user’s ISP account and harvest personal information. I posted an article detailing this attack [here]
Potentially overrated, but FireSheep hit the online world by storm with allowing an easy to use plugin to sniff open wifi network traffic and stealing session cookies, allowing the attacker to log into any users logged in accounts (that were not using HTTPS)
Essential for attacking and testing websites and web applications. It allows you to view and edit a wide array of web functions directly on a site on the fly. i.e. manipulating cookies and scripts before they get passed.
I’ve included this only for the fact that if you are like me, you have an almost endless list of bookmarks in your browser related to security. Be it onlne OSINT sites, or exploit listings. XMarks allows you to sync your bookmarks to any broswer with this plugin. Handy if you fire up BackTrack live and need some of your bookmarks. – *side note* Make sure you are log-out of the plugin if you are ever on another network (or over Tor… as it phones home over unencrypted data channel)
Sandcat Browser – This is a custom browser rolled with a comprehensive set of tools for attacking web applications.
There are numerous more plugins available, I have just listed the above because “I use them, and they are awesome”. For a more thorough list check out this page.