FireCAT

April 10, 2011, by | Start Discussion


Our Experience with Firefox
Some years ago we were indicated to carry out a penetration testing, in which we can't use tools, only our hands and the browser and anything installed.
From that moment, Firefox became a very useful tool to carry out analysis and identification of vulnerabilities.
Its capacity to personalize it, to install and to remove things make it more flexible, dynamic or easy to adapting it to a specific task.
The result was so positive that we decided to create a catalog with addons, so that anyone can use them and also to promote them. These addons are developed by hackers and programmers, lovers of Firefox, the security and the open source.

What is Firefox?
I think that the great majority of the users of Internet know what Firefox is. Basically Mozilla Firefox is a browser Web, based on XUL and JavaScript Licensed under GNU.

What is XUL?
XUL (pronounced "zool") is Mozilla's XML-based user interface language that lets you build feature rich cross-platform applications that can run connected to or disconnected from the Internet. These applications are easily customized with alternative text, graphics, and layout so that they can be readily branded or localized for various markets.
More info: https://developer.mozilla.org/en/The_Joy_of_XUL

FireCAT
We can use Live CDs, free tools as w3af, nmap or Metasploit, but when the scenario doesn't allow it, the possibility exists: Firefox.
The project FireCAT is divided in categories that have been elaborated for a better classification of the addons.


Mind map of FireCAT

About the Project
Current Version: 1.6.2

  • 40.000 Downloads
  • 90 Available Addons
  • Personalization
  • Adaptation
  • Continuity of Development
  • Integration OS.
  • Open & FREE!

The main categories are:

  • Information Gathering
  • Proxies & Web Utilities
  • Editors
  • Network Utilities
  • Misc
  • IT Security Related
  • Application Auditing

Our Proposal is to list the best extensions that are of utility in an audit process or ethical hacking. From the stage of gathering of information, going by the stage of exploitation, until the delivery of the report with the possibility of creating sequences on the carried out activity, logs and edition on the obtained results.

Information Gathering
A great part of the process of Hacking or Vulnerability in Systems consists of gathering information. Without the appropriate investigation, it would take us very much more time to carry out our objective: access the system victim.

  • Whois

You can display Server type, Headers, IP Address and more content related to the Website.

  • Location Info

Display the geo-location of every website. To know where it is placed.

  • Enumeration and Fingerprint

Enumerate the Cookie, Response, Content Type, Content-Encoding and more.

  • Data Mining

Focusing in the people, you can search for people on different social networks, like Facebook, Yahoo! or Google Groups, Linkedin, etc.

  • Googling and Spidering

Search in Google with the dorks is easy, possibility to use the search engine to find different information.

Proxies & Web Utilities
The possibility exists of to hide or to modify our IP address, with the proposed tools. We will be able to simulate using Proxies.
You can use an extensive list of Proxies and to exchange them according to our necessities, inclusive to enable / disable the option of using the net Tor.


FoxyProxy is an advanced proxy management tool that completely replaces Firefox's limited proxying capabilities.

Editors
The pages Web executes and they use different mechanisms to show the content, from HTML v1.0 until the most recent HTML v5.0.
With the proposed solutions, we can carry out actions like: view source code in a non traditional way, generate links outlines, images, modify the styles, to take advantage of the code JavaScript to verify the web sites, monitoring and debugging in real time.


A Firebug extension for Flash. Extensive Flash debugging add-on (swf resources, amf data, shared objects, traces, policy log). Requires Flash Player Debugger to display traces.

Network Utilities

  • Intrusion Detection System

Is possible to detect, block and to inform the users about malicious web sites, log of events with similar flexible rules to Snort.

  • Sniffers

With a sniffer any person can detect password in plain text and access to the information. It transforms the browser into a Sniffer of HTML.

  • Wireless

Access to different kinds of open Wi-Fi.

  • Passwords

To carry out attacks of brute force against web forms that use the methods GET and POST, from Firefox it is possible! With dictionaries or passwords generators, the work is made much easier.

  • Protocols & Applications (FTP, DNS, Oracle, SQLite, MySQL)

Through different protocols we can recreate scenarios, to connect us to databases, as MySQL, Postgress or SQLite from the browser.
The errors in Oracle offer a lot of useful information.


Manage any SQLite database on your computer.

Misc
A section where you can find different things. Among them, the possibility to use some JavasScript to personalize Webs sites, generate passwords, calculate hashes, identify malware, virus, trojan, etc.

  • Tweaks & Hacks

Greasemonkey, it is a very well-known extension, but few know the potential of its, it allows to use scripts developed or we can create the own ones to activate or deactivate content of a Web site, or for bypassing logins 😉

  • Encryption / Hashing

Often it is necessary to encrypt or to decrypt things. We found files that contain strings, now we can do it from Firefox.

FireEncrypter is an Firefox extension which gives you encryption/decryption and hashing functionalities right from your Firefox browser, mostly useful for developers or for education & fun.

  • Antivirus & Malware Scanner

If you are analyzing a Web site and the content, maybe you will download some files, it is very important that an Antivirus checks these files.

  • Anti Spoof

The extensions proposed also allow us to change the HTTP referrer, and to examine how the Web Server responds before it.

  • Anti-pishing / Pharming / Jacking

Different techniques are used to steal sessions – cookies – or legitimate users credentials; Firefox has addons that helps to the final users to be more protected before these situations.

  • Automation

How many times we carry out the same process or task? The answer is: An important quantity maybe, will be convenient to automate them. Well, is possible to automate the work carried out in the Firefox.
If for example we always visit the same Web sites, these all could open up at the same time in a certain moment, in an established sequence, to complete forms or inclusive auditing the Web code, if it is modified, using another extension. 😉

  • Logs / History

Added to the possibility of automating actions, too is possible to take a record of the carried out activities, tracing. Inclusive to modify them, export and import them.
Is very useful this when we should present the reports and to demonstrate what ways we choose until arriving to our objective.


An extension to View and Manage form history entries (view, edit, delete, selective clean-up, export/import)

IT Security Related
Collection of Web sites related to the information security, vulnerabilities, exploits, and papers. Allowing to carry out direct searches from the browser.

Application Auditing
The three main functions of the security in applications consist in: Programming, Processing and Access to the information. From these points of view, we propose different extensions.
From the programming of the Web site – with the help of Web Developer -, to be able to see how the cookies is stored (allcookies), until we detect and take advantage of vulnerabilities of the type XSS (Cross-Site Scripting), SQLi (SQL Injection) and bypassing authentication forms.


Adds a context menu to Firefox's cookie manager and permissions dialogs.

 
Use tamperdata to view and modify HTTP/HTTPS headers and post parameters. Trace and time http response/requests. Security test web applications by modifying POST parameters.

Recommended Addons
We can mention the following addons that are part of our Top 10 in FireCAT.

FireCAT Top 10
01 Maltego Plugin
02 FoxyProxy
03 FireBug
04 OSVDB search
05 OffSec ExploitDB
06 Tamper Data
07 ChickenFoot
08 Exploit Me
09 SQL Injection
10 Web Developer


SQL Injection vulnerabilities can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox Extension used to test for SQL Injection vulnerabilities.

 
The Web Developer extension adds a menu and a toolbar with various web developer tools.
 

Where you can find FireCAT?
www.firecat.fr
FireCAT is fully sponsored by NETpeas (www.netpeas.com)

Next Steps
At the moment the catalog offers the possibility to list in categories the extension and to see its description. In the future we hope to be able to make a version served.
Where the final user can discharge and to download: the Top 10 or based on profiles made by us. Depending on the case of use and proposed scenario.
If you are developer or know what extensions could be included in the inventory, we invite to you to share your knowledge with the community.
 

FireCAT
Categories Featured Addon
Information Gathering
Whois Domain Details
Location Info ShowIP
Enumeration & Fingerprint Header Monitor
Data Mining Maltego Firefox Plugin ? The Mesh!
Googling & Spidering  Advanced Dork
Proxies & Web Utilities FoxyProxy Standard
Editors Firebug and its derivations like Flashbug, FirePath, Firecookie, FireRainbow
Network Utilities
Intrusion Detection System Firekeeper
Sniffers FFsniFF (FireFox sniFFer)
Wireless JiWire Wi-Fi Toolbar
Passwords Fireforce
Protocols & Applications SIDU DB Web GUI (MySQL + Postgres + SQLite)
Misc
Tweaks & Hacks Greasemonkey
Encryption / Hashing Net-Force Tools (Firefox Extension)
Antivirus & Malware Scanner BitDefender QuickScan
Anti Spoof refspoof
Anti-phishing / Pharming / Jacking Netcraft Toolbar
Automation iMacros for Firefox
Logs / History Slogger
Backup & Synchronization FEBE
IT Security Related Offsec Exploit-DB Search
Application Auditing Exploit-Me

 

Related Projects
Mantra
Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers, security professionals etc. It is portable, ready-to-run, and compact. It follows the true spirit of free and open source software
www.getmantra.com

Privacy and Security Firefox Portable
Privacy and Security Firefox Portable is a heavily modified version of Mozilla Firefox, 3.6.8 Portable Edition that includes many improvements made to enhance privacy, security, and anonymity above and beyond that of the default Firefox configuration.
http://sourceforge.net/projects/securityfirefox

Sandboxing Firefox
What is Sandboxing?
It is a technique used to separate programs in execution. It is generally used to execute codes and programs; that have not been tested with the purpose of not access to the system or user's files.

IronFox
IronFox is Firefox in a sandbox for Mac, or more correctly, an application shell script wrapper that starts Firefox in a sandbox. The policy is bundled within the app, should there be any desire to inspect the policy before use.
http://www.romab.com/ironfox

Dell KACE Secure Browser
It provides virtualization for Firefox in the environment Windows, with the plugins of Adobe Reader and Flash, including the possibility to restrict Web sites, what applications they will be executed, it uses a simple interface of administration. It also provides statistics of detected and blocked processes.
http://www.kace.com/products/freetools/secure-browser

Sandboxie
Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer. Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.
http://www.sandboxie.com


Security Analyst working in an International Bank and participating in some Projects like Vulnerability Database, Zero Science Lab, OWASP. Fanatic of open standards.

Leave a Reply