Advanced Ethical Hacking – Web Application Testing Tutorial
Browser Plugins with Chrome
As we start doing web application testing, there’s actually a number of things you can do inside your browser without having to rely on external tools. And there’s actually a lot of use here, because you’re going to end up needing to do a lot of manual checking and maybe some follow-up tests in addition to the automated tools.
So, there are different extensions or plugins you can get for different browsers. And I’m going to start with Chrome here, and we’re going to take a look at the extensions that Chrome has available.
So, I’m doing this on a Mac at the moment. The extensions for Chrome are really supported across the different platforms. So, in this case, I don’t actually have any extensions on here.
And I want to go browse the gallery, and that’s going to bring me up to the web store for Chrome so I can take a look at the extensions. And you can see the extensions over here on the left, and there are a couple of places to go. Where I want to start is Developer Tools.
And there are some interesting, very useful plugins. The Web Developer plugin, for example, gives us some different capabilities that have more to do with how pages look, but you may want to use some of those tools, and there are some others. Firebug Lite, for example, gives us the ability to do a lot of deep digging into what the page does and how it’s put together, so we can look at the document object model, we can look at the job.
We can actually do some interacting with it. So if I want to install it, I just click Add to Chrome, and it’s going to do an add here, download the plugin, and then do an install. And you’ll see I’ve now got a little bug up here, where I can make use of that. We’ll take a look at actually using some of these tools a little bit later on. Going back to the web store, though, there are a number of other tools that are really useful to use inside of Chrome specifically.
So you may want to look at XML in a more user-friendly way; if you’re dealing with a web application that does XML, that’s one that you can use. This one gives you the performance of the web application, so if, in the test that you’re doing, you’re concerned about the speed or usefulness of the application, you could make use of that plugin. There are plugins here to be able to do a ping, a traceroute, and check on DNS blackhole lists. This is a tool that you can use to determine what technologies are actually used on websites.
So you can figure out what the content management system is if it’s not immediately obvious based on banners and page names. Wappalyzer will actually help you figure out whether you’re running Drupal or whether you’re running WordPress or whether you’re running something else. And you can see whether PHP works, and various other technologies that run on the web server on the website itself. So you can use Wappalyzer for that.
So there’s a lot of different extensions that you can install into Chrome that give you a lot of capability, and we’ll take a look at the capabilities specifically in a different video, but here I want to give you a sense of what’s available. There are also some under Productivity you may want to look at. Of course, if you’re interested in extensions that don’t relate to ethical hacking or penetration testing, there’s certainly a lot of other extensions that are there.
But there are some pretty good extensions for Chrome, and as I said, there’s a lot of extensions for Firefox in order to be able to do some of this stuff. And we’ll take a look at those next.
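To make concrete what a technology-detection extension such as Wappalyzer works from, here is an added example (not part of the original tutorial and not Wappalyzer's own code or rule set) that matches a small hand-written signature list against one HTTP response and reports what the response reveals. The function name, the signature list and the sample response are all assumptions constructed for illustration.

```javascript
// Added example: signature-based technology detection over one HTTP response.
// SIGNATURES is a small hand-written set for illustration, not Wappalyzer's rules.
const SIGNATURES = [
  { tech: "WordPress", where: "body",
    re: /<meta[^>]+name=["']generator["'][^>]+content=["']WordPress\s*([\d.]*)/i },
  { tech: "WordPress", where: "body", re: /\/wp-(?:content|includes)\//i },
  { tech: "Drupal", where: "header", name: "x-generator", re: /Drupal\s*([\d.]*)/i },
  { tech: "Drupal", where: "body",
    re: /\/sites\/(?:default|all)\/(?:files|themes|modules)\//i },
  { tech: "PHP", where: "header", name: "x-powered-by", re: /PHP\/?([\d.]*)/i },
  { tech: "PHP", where: "cookie", re: /(?:^|;\s*)PHPSESSID=/i },
];

// Hypothetical helper: returns [{ tech, version, evidence }] for one response.
function fingerprint(response) {
  // Header names are case-insensitive, so normalise them first.
  const headers = {};
  for (const [k, v] of Object.entries(response.headers || {})) {
    headers[k.toLowerCase()] = String(v);
  }
  const found = new Map();
  for (const sig of SIGNATURES) {
    let haystack;
    if (sig.where === "body") haystack = response.body || "";
    else if (sig.where === "cookie") haystack = headers["set-cookie"] || "";
    else haystack = headers[sig.name] || "";
    const m = sig.re.exec(haystack);
    if (!m) continue;
    const entry = found.get(sig.tech) || { tech: sig.tech, version: null, evidence: [] };
    if (m[1] && !entry.version) entry.version = m[1]; // keep first version seen
    entry.evidence.push(sig.where === "header" ? `header ${sig.name}` : sig.where);
    found.set(sig.tech, entry);
  }
  return [...found.values()];
}

// Constructed sample response (not captured from a real site).
const sample = {
  headers: { "Server": "nginx", "X-Powered-By": "PHP/8.1.2",
             "Set-Cookie": "PHPSESSID=abc123; path=/" },
  body: '<html><head><meta name="generator" content="WordPress 6.4.1">' +
        '<link rel="stylesheet" href="/wp-content/themes/example/style.css"></head></html>',
};
console.log(fingerprint(sample));
```

Each evidence entry is a signal the site owner controls, so the same output doubles as a checklist of banners and markers to remove or mask on your own application.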
Browser Plugins with Firefox
So we’ve looked at plugins for Google Chrome at this point. And then I want to take a look at some plugins for Firefox as well.
So, Firefox has a long history of add-ons; they’ve been doing them for quite a while. And there’s a pretty rich set of add-on capability that exists from various developers around the world. So, as you saw, I went to Tools and Add-ons, and now I am at the page that shows the Add-ons Manager.
What I want to do is go to basically the add-ons store and be able to look at the different add-ons that we’ve got available. Actually, what I want to do is look at extensions specifically, although there are various appearance-related add-ons as well. So, what