Chrome Extensions for Security Professionals

During Recent days we have seen a phenomenal increase in usage of Google Chrome Browser, however Security Professionals are still looking at Firefox for there day to day life usage, the basic reason behind it is large set of firefox extensions backing it up, we have also custom builds like OWASP Mantra doing the round.

So for those who love using Google Chrome and still miss the large plugin base here is a list of must have plugin set for the Security professional’s.

Note : Usage could be offensive and defensive both, its upto the user to decide. the content here is for informational purpose only

CAUTION : LONG POST …. continue below only if you can give time coz this post is large.

Find below list of plugin’s i found to be useful :

I have added details from chrome store and where ever found necessary I added my own comments

• Web Developer toolbar : https://chrome.google.com/webstore/detail/bfbameneiokkgbdmiekhjnmfkcnldhhm

Web developer toolbar of firefox in its full glory.

• Encooder / Decoder : https://chrome.google.com/webstore/detail/gncnbkghencmkfgeepfaonmegemakcol

Encoding/Decoding Plugin for various types of encoding like base64, rot13 or unix timestamp conversion

• XSS Rays : https://chrome.google.com/webstore/detail/kkopfbcgaebdaklghbnfmjeeonmabidj
• Anti XSS : https://chrome.google.com/webstore/detail/pohooglepenpccfcljdhhbmojeghijno

Xss Detection and protections tools

• HTTP Request Maker : https://chrome.google.com/webstore/detail/kajfghlhfkcocafkcjlajldicbikpgnp?hl=en-US

Request Maker is a tool for penetration testing. With it you can easily capture requests made by web pages,
tamper with the URL, headers and POST data and, of course, make new requests.
Request Maker only captures requests sent via HTML forms and XMLHttpRequests

• Cookie Editor : https://chrome.google.com/webstore/detail/fngmhnnpilhplaeedifhccceomclgfbg?hl=en-US

Edit This Cookie is a cookie manager. You can add, delete, edit, search, protect and block cookies

• Port Scanner for All Hosts : https://chrome.google.com/webstore/detail/jdcggkdokjkfheicojgdkiemchjioaaa

Simplistic Port scanner doing a simple port scan for well known ports.

• Chrome Whois : https://chrome.google.com/webstore/detail/jmmjpmkbadbdjphkkbmfchoidgbpnppg

Whois Information display within chrome browser

• Firebug lite for Chrome : https://chrome.google.com/webstore/detail/bmagokdooijbeehmkpknfglimnifench

For those who don’t like Developers tools @ chrome and want to keep sync with good old firebug

• HTTP Headers : https://chrome.google.com/webstore/detail/hplfkkmefamockhligfdcfgfnbcdddbg

Google Chrome extension that lets you quickly view HTTP Response Headers of a URL.

• IP Address information : https://chrome.google.com/webstore/detail/lhgkegeccnckoiliokondpaaalbhafoa

See geolocation, DNS, whois, routing, search results, hosting, domain neighbors, BGP and ASN info of every IP address (IPv4 & IPv6).

• Not Scripts : https://chrome.google.com/webstore/detail/odjhifogjcknibkahlpidmdajjpkkcfn

A clever extension that provides a high degree of ‘NoScript’ like control of javascript, iframes, and plugins on Google Chrome.

• Proxy Switcher : https://chrome.google.com/webstore/detail/caehdcpeofiiigpdhbabniblemipncjj

A nice drop in replacement for Foxy Proxy and very good in working.

Note of caution : if using on windows this also switches the proxy settings for IE.

• Session Manager : https://chrome.google.com/webstore/detail/bbcnbpafconjjigibnhbfmmgdbbkcjfi

Session Manager lets you save sessions of your opened tabs and windows, and to quickly re-open them whenever you like.

• Cookie swap : https://chrome.google.com/webstore/detail/dffhipnliikkblkhpjapbecpmoilcama?hl=en-US

Swap cookies between two accounts

• HTTP Response Browser : https://chrome.google.com/webstore/detail/mgekankhbggjkjpcbhacjgflbacnpljm?hl=en-US

Make HTTP requests from you browser and browse the response.

• REST Client : https://chrome.google.com/webstore/detail/ahdjpgllmllekelefacdedbjnjaplfjn?hl=en-US

Helper for web developers for creating custom HTTP requests.

• Network Utilities : https://chrome.google.com/webstore/detail/ekpdpmpcgcmpaeokmclflfpadaklgpji?hl=en-US

Tools like ping, tracert, W3C validator, dns blackhole list, dns lookup, domain neighbors and whois information.

• DNS loopup : https://chrome.google.com/webstore/detail/hknchhafnlafkbiopkadkgmammdbaich?hl=en-US

Displays DNS records for the current page.

• Tampermonkey : https://chrome.google.com/webstore/detail/dhdgffkkebhmkfjojejmpbldmpobfkfo

Grease Monkey drop in replacement

• Exploit DB latest : https://chrome.google.com/webstore/detail/lkgjhdamnlnhppkolhfiocgnpciaiane

Displays latest 5 of exploitdb.

• Wappalyzer : https://chrome.google.com/webstore/detail/gppongmhjkpfnbhagpmjfkannfbllamg
• Web Technology Notifier : https://chrome.google.com/webstore/detail/fnpgnmindcbkjbpblcklealdhnogmlko

Displays the technologies used in the website, Frameworks, CMS, scripting etc

• Web Securify : https://chrome.google.com/webstore/detail/emclbdbpcnhmopfkidjhlinikkohlkpn

Perform a Websecurify scan inside your browser.

• Norton Web Safe : https://chrome.google.com/webstore/detail/jgeljojcemiefdiciedakpojojfmbhba?hl=en-US

Uses Norton SafeWeb API but we are NOT affiliated with Symantec!

• QR / Bar Code Decoder : https://chrome.google.com/webstore/detail/fdbaidolhfnecgiloehbailojonjaloa?hl=en-US

QR & other BARcodes images in one click Decoding. Also can Encode selected text or current URL to QR code in one click, like others.

• URL Shortner and Expander : https://chrome.google.com/webstore/detail/eclilalbnmdonojgjmkekinflhodgoii?hl=en-US

Supports upto 50 different services you can expand any url you receive before clicking on it and following the link.

• Web Server Notifier : https://chrome.google.com/webstore/detail/najdkmbedaehkepolllmpdfccdgooajh?hl=en-US

Displays the Web server of the current page.

Note : this may break some pages.

• Password and hidden Revealer : https://chrome.google.com/webstore/detail/fgeopcldenngppapceagonnenonklpbn?hl=en-US

This version allows to see asterisk and hidden fields

• Google Safe Browsing Check : https://chrome.google.com/webstore/detail/kcghpcmaemminjmoifneclajoomafben?hl=en-US

Adds one-click Google Safe Browsing diagnostic to your toolbar

Not Exactly related but helpful plugin’s

• Password Security Tester : https://chrome.google.com/webstore/detail/gfbpikfinaalbpbapnejhimpljlleikl

Test’s how secure is your password specially how easily it is to crack the password based on complexity.

• Secure Login Helper : https://chrome.google.com/webstore/detail/gbnlondidnnfmfnglkpaoagecnkkpcjp

Redirects to Secure version if it exists.

• Search file sharing : https://chrome.google.com/webstore/detail/cboohmbnadgdglnfblieggkgbapdkmjk

Simple search into public file sharing sites.

• Download Master : https://chrome.google.com/webstore/detail/hdjacnejoohiamgmaciljlpniffgkojd?hl=en-US

Download Helper

• AdBlock Plus : https://chrome.google.com/webstore/detail/cfhdojbkjhnklbpkdaibdccddilifddb?hl=en-US

Ads were yesterday! The successful extension Adblock Plus is now available for Google Chrome™.

• Disable Extension : https://chrome.google.com/webstore/detail/ejhdjfmkegkpenillofhpmikailkjpkb?hl=en-US

Disable all extensions in one click, or enable all extensions in one click.
you also can enable or disable or uninstall the extensions one by one.

• W3Spy : https://chrome.google.com/webstore/detail/doahnaigbgiblgnjhhaekbffljjpmacg?hl=en-US

This extension displays an icon in Google Chrome’s top bar; On-click, it will load a complete website report for the currently visible website. Powered by: W3Spy.net

 

Please add any other extensions if i missed anything.