A lot of people ask me how I can figure out how to break into websites, or bypass certain simple security features. The simple answer is that I know how to because I'm clever, but the truth is that the brunt of the work has already been done for me. This is all thanks to the developers of Firefox, the world's greatest Internet browser.
Firefox is great because of the way it allows you to do whatever you want with your browser. Not only can you fully customize the feel, but you can add multiple things to your browser that allow you to make your browsing experience smoother, easier, funky, etc.
I am going to go over the browser add-ons I use, and why.
Adblock Plus
Adblock Plus is great. It blocks ads. Those annoying ads you see on a website? Well, with ABP, you can get rid of them once and for all! *insert evil laugh here*
Although it might seem cool, a lot of websites are supported by these ads, so by blocking them you are essentially not giving the people who host the sites money to keep their sites running (like me). The best way to use ABP is to remove ads that are annoying. For example, an ad that makes noise while you're watching a video on YouTube is annoying. Blocking it is perfectly the right thing to do. Clever programmers have now programmed a way to stop you from viewing a site if you have an ad blocker enabled. So if you use ABP or a similar product, you won't be able to see the contents of the site. I don't agree with this. It's up to the user to decide whether or not to view ads, and it is not for the webmaster to control that. That's controlling an end-user's ability to surf the Internet, and such control should not be forced.
We can debate whether or not it is right to force an end-user to comply with a webmaster's greedy demands, but that's not why you're reading this. So, back on topic...
Here's a sample of how ad-blocker blocks ads.
Voila! No ads.
AdHacker
AdHacker is a nifty way to track who is tracking you. It works similarly to an ad blocker, but instead of making it easy to block ads, it shows you which program is watching you, and what keywords it's using to determine the ad content to show you on the website. It's a great way to see which sites you visit bring up which types of ads.
If you click on the number of watchers, you can view what tracker is currently tracing you, and by clicking on the words that it finds, you can see which tracker is choosing those words in reference to the ads it's going to display for you.
Here's another example:
HackBar
Anybody who does website security needs to get this to audit their site. This useful tool enables web developers and site developers to test vulnerabilities in their code, and plug them up. It's an essential tool if you're a web-programmer.
Evil people use this to try and ruin websites by exploiting any number of vulnerabilities. It's a good browser-based 'all-in-one' hacking utility. The most useful part is the MySQL injection tool. But, for SQL injection tools, you need to 'know' the syntax in order to pull this off. That's where the next add-on actually comes in.
If you are testing SQL injections only, then I recommend the next add-on over this one. If you're doing a series of different tests, such as cross-site linking, or address spoofing, then this is the right add-on for you.
SQL Inject Me
Similar to HackBar, SQL Inject Me is an add-on used to emulate all the ins and outs of a SQL Injection attack. This is a must-have for any secure webserver, as this type of attack is the most popular amongst hackers. It's a nifty add-on that enables you to throw a bunch of attacks at a website without you having to copy-paste a bunch of code. It does all the attacks for you, and you don't need to know how to write the code! Excellent.
Just a warning: if you run this on a site with good administrators, there is a chance that they might ban your IP address (for security reasons). You have been warned, so use this at your own discretion.
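Here is roughly what the administrator's side of that warning can look like, as an added example that is not part of the original post: a small log check that flags an IP once it sends several injection-style requests within a short window. The log format, the patterns, the threshold and the function name `flag_probing_ips` are all assumptions made for illustration, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from urllib.parse import unquote_plus

# Constructed sample access-log lines (combined-log style), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /item.php?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 500 312
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /item.php?id=1%20UNION%20SELECT%20NULL-- HTTP/1.1" 500 312
203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /item.php?id=1%27%3B-- HTTP/1.1" 200 1822
198.51.100.4 - - [10/Mar/2024:10:00:03 +0000] "GET /item.php?id=42 HTTP/1.1" 200 1822
198.51.100.4 - - [10/Mar/2024:10:00:09 +0000] "GET /search.php?q=O%27Brien HTTP/1.1" 200 954
"""

# Captures client IP, timestamp and request target.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" \d{3}')
# Heuristic patterns (assumed for this example); a lone quote as in O'Brien does not match.
SQLI_RE = re.compile(
    r"""'\s*(?:or|and)\s+['\d]        # quote followed by a boolean test
      | union\s+(?:all\s+)?select     # UNION-based probing
      | '\s*;?\s*(?:--|\#)            # quote followed by a comment terminator
      | ;\s*(?:drop|insert|update|delete)\b
      | \b(?:sleep|benchmark)\s*\(    # time-based probing
    """, re.IGNORECASE | re.VERBOSE)

def flag_probing_ips(log_text, threshold=3, window=timedelta(seconds=60)):
    """Return {ip: hits} for clients with >= threshold suspicious requests in one window."""
    recent = defaultdict(deque)  # ip -> timestamps of recent suspicious requests
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, ts, target = m.groups()
        # Decode %27, %20 and friends before matching, as the server would.
        if not SQLI_RE.search(unquote_plus(target)):
            continue
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        hits = recent[ip]
        hits.append(when)
        while when - hits[0] > window:  # drop hits that fell out of the window
            hits.popleft()
        if len(hits) >= threshold:
            flagged[ip] = max(flagged.get(ip, 0), len(hits))
    return flagged

if __name__ == "__main__":
    print(flag_probing_ips(SAMPLE_LOG))
```
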
Firebug
Firebug is one of the coolest add-ons for Firefox there is. It enables you to mess around with the code while you are browsing a site. This is great if you want to create new templates, change certain things around and modify the content of your site without having to change the actual site itself.
Below is me playing around with Facebook using Firebug, just so you can get the drift of just how nifty this tool can be for web-programmers and graphic designers who are looking to build their website. Please note that this does not change Java code, but you can manipulate JScript.
Take a look at this (I had to censor out the content):
Changing things on a site is easy. I will show you how with Firebug.
Please note that this does not change the website itself; it only changes how you are looking at the website at that particular moment. If you hit 'Refresh', or navigate away from the page, the website will revert to its original color/settings.