Climbing Mount WebAppSec – Chrome Extensions

As we move "client-side", browsers matter ever more because they are effectively becoming our operating system, the Chromebook being the obvious example. Many of the tasks we undertake were traditionally hosted inside the operating system but are now accessed via the browser, email and document processing being the prime examples.

As a consequence, browser security has become critical.

To extend browser functionality we depend on third-party extensions. It is vital to check the privileges granted to these extensions, as they often demand unnecessarily invasive access. Chrome shows the requested permissions at install time and again under the extension's Details page on chrome://extensions; anything that amounts to "read and change all your data on all websites" deserves a second look before you click Add.

To give an example, I recently needed a simple PDF viewer Chrome extension and noted that the most popular one demanded access including:

  • Insertion into my document drive
  • Read & change all websites

This level of access is unwarranted, but to add insult to injury, they downloaded and opened my document within their website!
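The quickest way to do that check without trusting the store listing is to read the extension's manifest.json (it ships in the unpacked extension directory). The following is an added example, not code from this post or from any real extension: it flags broad host match patterns and high-risk API permissions in a constructed manifest. The sample manifests, the list of "high-risk" permissions and the severity labels are my own assumptions for illustration, not a Chrome-defined classification and not the manifest of any actual PDF viewer.

```javascript
// Added example (not from this post or any real extension): audit the
// permissions an extension declares in its manifest.json before installing it.

// API permissions that reach well past the extension's own UI.
// This list is an assumption for the example, not a Chrome-defined category.
const HIGH_RISK_PERMISSIONS = new Set([
  "webRequest", "webRequestBlocking", "cookies", "history", "tabs",
  "clipboardRead", "nativeMessaging", "downloads", "debugger", "proxy",
  "management", "scripting",
]);

// How much of the web a host match pattern covers:
//   "all"      <all_urls>, *://*/*, https://*/*
//   "wildcard" https://*.example.com/*
//   "single"   https://example.com/*
//   "invalid"  anything that is not a match pattern (e.g. an API permission)
function classifyHostPattern(pattern) {
  if (pattern === "<all_urls>") return "all";
  const m = /^(\*|https?|file|ftp):\/\/([^/]+)\/.*$/.exec(pattern);
  if (!m) return "invalid";
  const host = m[2];
  if (host === "*") return "all";
  if (host.startsWith("*.")) return "wildcard";
  return "single";
}

// Returns a list of findings, each { permission, severity, reason }.
function auditManifest(manifest) {
  const findings = [];
  const seen = new Set();
  // MV2 mixed host patterns into "permissions"; MV3 moved them to
  // "host_permissions". Content scripts also run on every page their
  // "matches" patterns cover, so those count as host access as well.
  const declared = [
    ...(manifest.permissions || []),
    ...(manifest.host_permissions || []),
    ...(manifest.content_scripts || []).flatMap((cs) => cs.matches || []),
  ];
  for (const p of declared) {
    if (seen.has(p)) continue;
    seen.add(p);
    if (HIGH_RISK_PERMISSIONS.has(p)) {
      findings.push({ permission: p, severity: "high", reason: "broad API access" });
      continue;
    }
    const scope = classifyHostPattern(p);
    if (scope === "all") {
      findings.push({ permission: p, severity: "high", reason: "host pattern covers every site" });
    } else if (scope === "wildcard") {
      findings.push({ permission: p, severity: "medium", reason: "covers a whole domain and its subdomains" });
    }
  }
  return findings;
}

// Overall rating: the worst severity present, or "low" when nothing is flagged.
function rateManifest(manifest) {
  const sev = auditManifest(manifest).map((f) => f.severity);
  if (sev.includes("high")) return "high";
  if (sev.includes("medium")) return "medium";
  return "low";
}

// Constructed sample manifest, loosely modelled on a "PDF viewer" that asks
// for far more than it needs. Not the manifest of any real extension.
const SAMPLE_MANIFEST = {
  manifest_version: 3,
  name: "Sample PDF Viewer (constructed)",
  permissions: ["storage", "tabs", "downloads"],
  host_permissions: ["<all_urls>"],
  content_scripts: [{ matches: ["*://*/*.pdf"], js: ["viewer.js"] }],
};

// A constructed minimal manifest that only touches one origin: nothing to flag.
const MINIMAL_MANIFEST = {
  manifest_version: 3,
  name: "Sample Minimal Viewer (constructed)",
  permissions: ["storage"],
  host_permissions: ["https://example.com/*"],
};

if (typeof require !== "undefined" && require.main === module) {
  for (const f of auditManifest(SAMPLE_MANIFEST)) {
    console.log(`${f.severity.toUpperCase()}: ${f.permission} (${f.reason})`);
  }
  console.log("overall:", rateManifest(SAMPLE_MANIFEST));
}
```

Run against the constructed sample this reports `tabs`, `downloads`, `<all_urls>` and the content-script pattern `*://*/*.pdf` as high, since a host of `*` is every site regardless of the path filter, while the minimal manifest rates low. For a real extension, drop the manifest into `SAMPLE_MANIFEST` and compare the output with what the store listing actually says the extension does.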

I’d wager many folk are not aware of the privacy & security dangers these browser extensions pose.

On this topic, an excellent talk was given by Achim Brucker at the recent OWASP AppSec Europe conference in Belfast, entitled The Evil Friend In Your Browser.

All of the OWASP AppSec EU talks are now available, and I'd encourage you to watch as many as possible; they are superb.

There is an upside to browser extensions for us, though: we can leverage them to aid us in web application testing.

Here are four Chrome extensions that are indispensable to me.

Shodan:

The Shodan plugin for Chrome automatically checks whether Shodan has any information for the current website. Is the website also running FTP, DNS, SSH or some unusual service? With this plugin you can see all the info that Shodan has collected on a given website/domain.

Here it is in the browser:

Next up Wappalyzer:

Wappalyzer is a cross-platform utility that uncovers the technologies used on websites. It detects content management systems, ecommerce platforms, web frameworks, server software, analytics tools and many more.

Here it is in the browser:

Next up BuiltWith:

BuiltWith is a web site profiler tool. Upon looking up a page, BuiltWith returns all the technologies it can find on the page. BuiltWith’s goal is to help developers, researchers and designers find out what technologies pages are using which may help them to decide what technologies to implement themselves.

Here it is in the browser:
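Wappalyzer and BuiltWith both work the same way under the hood: they match signatures against response headers, the HTML body and cookies, and pull a version out of the match where one is exposed. The following is an added example, not Wappalyzer's or BuiltWith's code, showing that passive matching over a constructed HTTP response so it runs offline. The signature set is a small hand-picked sample, and the response (headers, cookies and markup) is made up for the example.

```javascript
// Added example (not Wappalyzer's or BuiltWith's code): passive technology
// fingerprinting over a constructed HTTP response.

// Each signature matches a response header, the HTML body, or a Set-Cookie
// line. Capture group 1, when present, is taken as the version.
const SIGNATURES = [
  { name: "nginx", header: ["server", /^nginx(?:\/(\S+))?/i] },
  { name: "Apache", header: ["server", /^Apache(?:\/(\S+))?/i] },
  { name: "PHP", header: ["x-powered-by", /PHP\/?([\d.]+)?/i] },
  { name: "PHP", cookie: /^PHPSESSID=/i },
  { name: "ASP.NET", header: ["x-powered-by", /ASP\.NET/i] },
  { name: "ASP.NET", cookie: /^ASP\.NET_SessionId=/i },
  { name: "Drupal", header: ["x-generator", /Drupal ?([\d.]+)?/i] },
  { name: "WordPress", html: /<meta name="generator" content="WordPress ?([\d.]+)?"/i },
  { name: "WordPress", html: /\/wp-(?:content|includes)\//i },
  { name: "jQuery", html: /jquery(?:[-.]([\d.]+))?(?:\.min)?\.js/i },
  { name: "Google Analytics", html: /googletagmanager\.com\/gtag\/js|google-analytics\.com\/analytics\.js/i },
];

// response = { headers: { Name: value | [values] }, body: "<html>..." }
// Returns [{ name, version }] in detection order; version is null if unknown.
function fingerprint(response) {
  const headers = {};
  for (const [k, v] of Object.entries(response.headers || {})) headers[k.toLowerCase()] = v;
  const cookies = [].concat(headers["set-cookie"] || []); // may be string or array
  const body = response.body || "";
  const found = new Map(); // name -> version (or null)

  // Keep the first detection; upgrade a null version if a later match has one.
  const record = (name, m) => {
    const version = m[1] || null;
    if (!found.has(name) || (found.get(name) === null && version)) found.set(name, version);
  };

  for (const sig of SIGNATURES) {
    if (sig.header) {
      const [h, re] = sig.header;
      const value = headers[h];
      const m = typeof value === "string" ? re.exec(value) : null;
      if (m) record(sig.name, m);
    } else if (sig.html) {
      const m = sig.html.exec(body);
      if (m) record(sig.name, m);
    } else if (sig.cookie) {
      for (const c of cookies) {
        const m = sig.cookie.exec(c);
        if (m) record(sig.name, m);
      }
    }
  }
  return [...found].map(([name, version]) => ({ name, version }));
}

// Constructed sample response (not captured from any real site).
const SAMPLE_RESPONSE = {
  headers: {
    "Server": "nginx/1.18.0",
    "X-Powered-By": "PHP/7.4.3",
    "Content-Type": "text/html; charset=UTF-8",
    "Set-Cookie": [
      "PHPSESSID=0123456789abcdef; path=/",
      "wordpress_test_cookie=WP+Cookie+check; path=/",
    ],
  },
  body: [
    "<!DOCTYPE html><html><head>",
    '<meta name="generator" content="WordPress 5.8.1" />',
    '<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>',
    '<script async src="https://www.googletagmanager.com/gtag/js?id=G-EXAMPLE"></script>',
    '<link rel="stylesheet" href="/wp-content/themes/sample/style.css" />',
    "</head><body></body></html>",
  ].join("\n"),
};

if (typeof require !== "undefined" && require.main === module) {
  for (const { name, version } of fingerprint(SAMPLE_RESPONSE)) {
    console.log(`${name}${version ? " " + version : ""}`);
  }
}
```

Two things worth noting from a testing standpoint: a version string in `Server` or `X-Powered-By` is exactly what you want to cross-reference against known CVEs, and its absence does not mean the technology is absent, which is why the example also matches on cookie names and markup.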

Last but not least, Edit This Cookie:

Inspired by the lack of a good cookie manager in Google Chrome, I developed this small, simple and extremely useful extension that lets you perform anything you might actually need to do with cookies.

Here it is in the browser:
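What a tester actually does with a cookie editor during an assessment is inspect the attributes on each cookie and then tamper with the ones that matter. The following is an added example, not the extension's code, that performs the first half over constructed Set-Cookie headers: it parses each header and flags session-looking cookies that lack Secure, HttpOnly or SameSite, plus cookies whose `__Host-`/`__Secure-` prefix requirements are not met (browsers reject those outright). The "session-like name" heuristic and the sample headers are my own assumptions.

```javascript
// Added example (not the extension's code): audit cookie attributes the way
// you would by hand in a cookie editor, over constructed Set-Cookie headers.

// Parse one Set-Cookie header value into its name, value and the attributes
// that matter for security. Unknown attributes (Expires, Max-Age, ...) are ignored.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("="); // first "=" only: the value may itself contain "="
  const cookie = {
    name: eq === -1 ? pair : pair.slice(0, eq),
    value: eq === -1 ? "" : pair.slice(eq + 1),
    secure: false,
    httpOnly: false,
    sameSite: null, // "strict" | "lax" | "none" | null when absent
    domain: null,
    path: null,
  };
  for (const attr of attrs) {
    const i = attr.indexOf("=");
    const key = (i === -1 ? attr : attr.slice(0, i)).toLowerCase();
    const val = i === -1 ? "" : attr.slice(i + 1);
    if (key === "secure") cookie.secure = true;
    else if (key === "httponly") cookie.httpOnly = true;
    else if (key === "samesite") cookie.sameSite = val.toLowerCase();
    else if (key === "domain") cookie.domain = val;
    else if (key === "path") cookie.path = val;
  }
  return cookie;
}

// Names that usually carry a session or auth token (heuristic, an assumption).
const SESSION_NAME = /sess|sid|token|auth|jwt|login/i;

// Returns findings [{ cookie, issue }] for a list of Set-Cookie header values.
function auditCookies(setCookieHeaders) {
  const findings = [];
  for (const header of setCookieHeaders) {
    const c = parseSetCookie(header);
    const flag = (issue) => findings.push({ cookie: c.name, issue });

    if (SESSION_NAME.test(c.name)) {
      if (!c.secure) flag("missing Secure: will be sent over plain HTTP");
      if (!c.httpOnly) flag("missing HttpOnly: readable from script, e.g. via XSS");
      if (c.sameSite === null || c.sameSite === "none") {
        flag("SameSite absent or None: sent on cross-site requests (CSRF)");
      }
    }
    // Chrome rejects SameSite=None unless the cookie is also Secure.
    if (c.sameSite === "none" && !c.secure) flag("SameSite=None requires Secure");
    // __Host- cookies must be Secure, have Path=/ and no Domain attribute.
    if (c.name.startsWith("__Host-") && (!c.secure || c.domain !== null || c.path !== "/")) {
      flag("__Host- prefix requires Secure, Path=/ and no Domain; browser will reject it");
    }
    // __Secure- cookies must be Secure.
    if (c.name.startsWith("__Secure-") && !c.secure) {
      flag("__Secure- prefix requires Secure; browser will reject it");
    }
  }
  return findings;
}

// Constructed sample Set-Cookie headers (not captured from any real site).
const SAMPLE_SET_COOKIE = [
  "PHPSESSID=0123456789abcdef; Path=/",
  "csrftoken=abc123; Path=/; Secure; HttpOnly; SameSite=Strict",
  "theme=dark; Path=/; Max-Age=31536000",
  "__Host-auth=xyz; Path=/; Secure; HttpOnly; SameSite=Lax; Domain=example.com",
];

if (typeof require !== "undefined" && require.main === module) {
  for (const f of auditCookies(SAMPLE_SET_COOKIE)) {
    console.log(`${f.cookie}: ${f.issue}`);
  }
}
```

On the constructed sample this flags `PHPSESSID` three times and the misconfigured `__Host-auth` once, while `csrftoken` and `theme` pass. The second half of the workflow, editing a session cookie's value or dropping its HttpOnly flag to see how the application reacts, is what the extension is for.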

And there you have it: four superb Chrome extensions to aid us in web application security testing.