So far, we've just installed some tools in our web browser, but what are these tools good for when it comes to penetration testing a web application? The add-ons installed are as follows:
- HackBar: A very simple add-on that helps us try different input values without having to change or rewrite the full URL. We will be using this a lot when doing manual checks for cross-site scripting and injections. It can be activated using the F9 key.
- Cookies Manager+: This add-on will allow us to view and sometimes modify the value of cookies the browser receives from the applications.
- User-Agent Switcher: This add-on allows us to modify the user-agent string (the browser identifier) that is sent in all requests to the server. Applications ...