Browser Extensions which have landed $$$ !
What’s up everybody. My name is Sagar Sajeev.
This is my writeup about a collection of Browser extensions (Chrome and Firefox) which have actually helped me find me vulns and thus bounties.
A browser extension is a small software (aka plugin) for your browser that adds certain functions and features to it.
Chrome Extensions → https://chrome.google.com/webstore
Firefox Extensions → https://addons.mozilla.org/en-US/firefox/extensions/
1) Wappalyzer
- Wappalyzer is a technology profiler which lets you know what CMS website is using, JS libraires, basically what websites are built with.
- It will help you narrow down the recon process to a specific framework or technology.
Chrome → https://chrome.google.com/webstore/detail/wappalyzer-technology-pro/gppongmhjkpfnbhagpmjfkannfbllamg
Firefox → https://addons.mozilla.org/en-US/firefox/addon/wappalyzer/
2) DotGit
- An extension which will let you know if .git directory is exposed.
- I’ve personally had 2 instances where this extension has helped me in discovering exposed git directories.
Chrome → https://chrome.google.com/webstore/detail/dotgit/pampamgoihgcedonnphgehgondkhikel
Firefox → https://addons.mozilla.org/en-US/firefox/addon/dotgit/
3) Bishop Vulnerability Scanner
- Search websites for git repos, exposed config files, and more as you browse.
- It has once helped me in discovering an endpoint which had a file upload feature. Loaded in a php reverse shell script and got full fledged RCE.
Chrome → https://chrome.google.com/webstore/detail/bishop-vulnerability-scan/cbkdeoaaclnbidadjimofnhpbfhjakoe
Firefox → <Only available in Chrome>
3) Modheader
- Modheader can help you to modify HTTP request/response headers, modify cookies and much more.
Chrome → https://chrome.google.com/webstore/detail/modheader/idgpnmonknjnojddfkpgkljpfnnfcklj
Firefox → https://addons.mozilla.org/en-US/firefox/addon/modheader-firefox/
4) Retire.js
- Retire.js scans for vulnerable JS libraries. The goal is to help you detect use of versions with known vulnerabilities.
Chrome → https://chrome.google.com/webstore/detail/retirejs/moibopkbhjceeedibkbkbchbjnkadmom
Firefox → https://addons.mozilla.org/en-US/firefox/addon/retire-js/
5) Similiarweb
- It will let you know about website traffic, traffic source, engagement rate, traffic ranking, keyword ranking, visits over time and much more.
- One of the best tool for gaining an in depth knowledge about the target.
Chrome → https://chrome.google.com/webstore/detail/similarweb-traffic-rank-w/hoklmmgfnpapgjgcpechhaamimifchmp
Firefox → https://addons.mozilla.org/en-US/firefox/addon/similarweb-sites-recommendatio/
<Bonus extension>
JavaScript and CSS Code Beautifier
- Beautify CSS, JavaScript and JSON code automatically and make the source mode readable.
Chrome → https://chrome.google.com/webstore/detail/javascript-and-css-code-b/iiglodndmmefofehaibmaignglbpdald
(Not available in Firefox, but the extension linked below is similar to it)
Firefox →https://addons.mozilla.org/en-US/firefox/addon/beautifer-minify/
Thanks for going through my writeup. I hope it was useful to you.
I've made 4 other writeups about certain interesting bugs I’ve reported. Please do check them out as well.
I do occasionally share some tips about Bug Bounties and related stuff over at my Twitter and LinkedIn handle. So do follow me there. If you’ve got any queries, feel free to message me. I will be more than happy to help.
LinkedIn : https://www.linkedin.com/in/sagar-sajeev-663491208/
Twitter : https://twitter.com/Sagar__Sajeev
Happy Hunting!