Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

ClearURLs is an add-on based on the new WebExtensions technology and will automatically remove tracking elements from URLs to help protect your privacy.

Stars: ✭ 161 (+335.14%)

Mutual labels: privacy, firefox

Scriptsafe

a browser extension to bring security and privacy to chrome, firefox, and opera

Stars: ✭ 434 (+1072.97%)

Mutual labels: privacy, firefox

User.js

user.js -- Firefox configuration hardening

Stars: ✭ 2,354 (+6262.16%)

Mutual labels: privacy, firefox

Chameleon

WebExtension port of Random Agent Spoofer

Stars: ✭ 263 (+610.81%)

Mutual labels: privacy, firefox

I2pdbrowser

i2pd browser bundle

Stars: ✭ 94 (+154.05%)

Mutual labels: privacy, firefox

Firefox Profilemaker

Tool to create firefox profiles with good defaults.

Stars: ✭ 361 (+875.68%)

Mutual labels: privacy, firefox

Privacy Redirect

A simple web extension that redirects Twitter, YouTube, Instagram & Google Maps requests to privacy friendly alternatives.

Stars: ✭ 342 (+824.32%)

Mutual labels: privacy, firefox

Privacyfox

PrivacyFox tweaks various preferences in Firefox in order to enhance the privacy of users; it will also try to enforce these changes to maintain your privacy online.

Stars: ✭ 155 (+318.92%)

Mutual labels: privacy, firefox

Canvasblocker

A Firefox extension to protect from being fingerprinted.

Stars: ✭ 608 (+1543.24%)

Mutual labels: privacy, firefox

Blocker Database

A global domain based database for NoScript, uBlock, uMatrix & ScriptSafe

Stars: ✭ 127 (+243.24%)

Mutual labels: privacy, firefox

Offline Qr Code

📱 Browser add-on allowing you to quickly generate a QR code offline with the URL of the open tab or other text!

Stars: ✭ 193 (+421.62%)

Mutual labels: privacy, firefox

Librefox

License: Mozilla Public License 2.0

Stars: ✭ 1,574 (+4154.05%)

Mutual labels: privacy, firefox

firefox-containers-helper

Firefox multi-account containers are for power users. So is this. Adds bulk container interactivity features missing from the Mozilla Multi-Account Containers extension.

Stars: ✭ 32 (-13.51%)

Mutual labels: firefox, privacy

Ffck

🦊 & 🧅 hardening

Stars: ✭ 72 (+94.59%)

Mutual labels: privacy, firefox

Container Tabs Sidebar

Firefox addon aiming to utilize screen estate more efficiently by showing tabs in a sidebar grouped by privacy containers. Inspired by TreeStyleTab.

Stars: ✭ 87 (+135.14%)

Mutual labels: privacy, firefox

Contain Google

[Looking for maintainer] - Google Container isolates your Google activity from the rest of your web activity in order to prevent Google from tracking you outside of the Google website via third party cookies.

Stars: ✭ 347 (+837.84%)

Mutual labels: privacy, firefox

Temporary Containers

Firefox Add-on that lets you open automatically managed disposable containers

Stars: ✭ 488 (+1218.92%)

Mutual labels: privacy, firefox

View All Similar Projects ➔

Firefed

Firefed is a command-line tool to inspect Firefox profiles. It can extract saved passwords, preferences, addons, history and more. You may use it for forensic analysis, to audit your config for insecure settings or just to quickly extract some data without starting up the browser.

Note that Firefed is a work in progress and not all features work seamlessly yet -- but you're more than welcome to contribute, especially with bug reports and usage feedback.

Installation

Install the package, preferably via pip:

pip install firefed --upgrade

Usage

$ firefed -h
usage: firefed [-h] [-V] [-P] [-p PROFILE] [-v] [-f] FEATURE ...

A tool for Firefox profile analysis, data extraction, forensics and hardening

optional arguments:
  -h, --help            show this help message and exit
  -V, --version         show program's version number and exit
  -P, --profiles        show all local profiles
  -p PROFILE, --profile PROFILE
                        profile name or directory to be used when running a
                        feature
  -v, --verbose         verbose output (can be used multiple times)
  -f, --force           treat target as a profile directory even if it doesn't
                        look like one

features:
  Set the feature you want to run as positional argument. Each feature has
  its own sub arguments which can be listed with `firefed <feature> -h`.

  FEATURE
    addons              List installed addons/extensions.
    bookmarks           List bookmarks.
    cookies             List cookies.
    downloads           List downloaded files.
    forms               List form input history (search terms, address fields,
                        etc.).
    history             List history.
    hosts               List known hosts.
    infect              Install a PoC reverse shell via a hidden extension.
    inputhistory        List history of urlbar inputs (typed URLs).
    logins              List saved logins.
    permissions         List host permissions (e.g. location sharing).
    preferences         List user preferences.
    summary             Summarize results of all (summarizable) features.
    visits              List history of visited URLs.

Features

Addons

List installed addons/extensions.

usage: firefed addons [-h] [-a] [-A] [-S] [-f {list,short,csv}] [-s]

optional arguments:
  -h, --help            show this help message and exit
  -a, --all             show all extensions (including system extensions)
  -A, --show-addons-json
                        show entries from "addons.json"
  -S, --show-startup-json
                        show addon startup entries (from
                        "addonStartup.json.lz4")
  -f {list,short,csv}, --format {list,short,csv}
                        output format
  -s, --summary         summarize results

Bookmarks

List bookmarks.

usage: firefed bookmarks [-h] [-f {tree,list,csv}] [-s]

optional arguments:
  -h, --help            show this help message and exit
  -f {tree,list,csv}, --format {tree,list,csv}
                        output format
  -s, --summary         summarize results

Cookies

List cookies.

Don't find a cookie you have definitely set? Not all cookies are immediately written to the cookie store. You possibly need to close the browser first to force all cookies being written to disk.

usage: firefed cookies [-h] [-H HOST] [-a] [-S SESSION_FILE]
                       [-f {setcookie,list,csv}] [-s]

optional arguments:
  -h, --help            show this help message and exit
  -H HOST, --host HOST  filter by hostname (glob)
  -a, --all             show cookies from all sources, including all available
                        session files
  -S SESSION_FILE, --session-file SESSION_FILE
                        extract cookies from session file (you can use
                        "recovery", "previous", "sessionstore" as shortcuts
                        for default file locations)
  -f {setcookie,list,csv}, --format {setcookie,list,csv}
                        output format
  -s, --summary         summarize results

Downloads

List downloaded files.

usage: firefed downloads [-h] [-s]

optional arguments:
  -h, --help     show this help message and exit
  -s, --summary  summarize results

Forms

List form input history (search terms, address fields, etc.).

Searches in the browser's searchbar have the key "searchar-history".

usage: firefed forms [-h] [-s]

optional arguments:
  -h, --help     show this help message and exit
  -s, --summary  summarize results

History

List history.

usage: firefed history [-h] [-f {list,short,csv}] [-s]

optional arguments:
  -h, --help            show this help message and exit
  -f {list,short,csv}, --format {list,short,csv}
                        output format
  -s, --summary         summarize results

Hosts

List known hosts.

usage: firefed hosts [-h] [-s]

optional arguments:
  -h, --help     show this help message and exit
  -s, --summary  summarize results

Infect

Install a PoC reverse shell via a hidden extension.

This is highly experimental and only a proof of concept. Also note the extension currently isn't actually hidden and disappears with the next browser restart.

The reverse shell will attempt to connect to localhost:8123 and provides a JS REPL with system principal privileges.

usage: firefed infect [-h] [-u] [-c] [-y]

optional arguments:
  -h, --help       show this help message and exit
  -u, --uninstall  uninstall malicious addon
  -c, --check      check if profile appears infected
  -y, --yes        don't prompt for confirmation

InputHistory

List history of urlbar inputs (typed URLs).

usage: firefed inputhistory [-h] [-s]

optional arguments:
  -h, --help     show this help message and exit
  -s, --summary  summarize results

Logins

List saved logins.

You can provide a valid master password, but firefed doesn't (yet) support cracking an unkown password.

usage: firefed logins [-h] [-l LIBNSS] [-p PASSWORD] [-f {table,list,csv}]
                      [-s]

optional arguments:
  -h, --help            show this help message and exit
  -l LIBNSS, --libnss LIBNSS
                        path to libnss3
  -p PASSWORD, --master-password PASSWORD
                        profile's master password (If not set, an empty
                        password is tried. If that fails, you're prompted.)
  -f {table,list,csv}, --format {table,list,csv}
                        output format
  -s, --summary         summarize results

Permissions

List host permissions (e.g. location sharing).

This feature extracts the stored permissions which the user has granted to particular hosts (e.g. popups, location sharing, desktop notifications).

usage: firefed permissions [-h] [-f {table,csv}] [-s]

optional arguments:
  -h, --help            show this help message and exit
  -f {table,csv}, --format {table,csv}
                        output format
  -s, --summary         summarize results

Preferences

List user preferences.

This feature reads the preferences from prefs.js and user.js. Unfortunately, we can't extract any default values since these aren't stored in the profile.

usage: firefed preferences [-h] [-d] [-c] [-S PATH] [-b] [-i] [-s]

optional arguments:
  -h, --help            show this help message and exit
  -d, --duplicates      show all preferences, even if the key appears multiple
                        times (otherwise, only the last occurence is shown
                        because it overrides all previous occurences)
  -c, --check           compare preferences with recommended settings
  -S PATH, --source PATH
                        path to file with recommended settings (use "userjs-
                        master" or "userjs-relaxed" to load userjs config from
                        Github)
  -b, --bad-only        when comparing with recommendations, show only bad
                        values
  -i, --include-undefined
                        when comparing with recommendations, treat undefined
                        preferences as bad values
  -s, --summary         summarize results

Summary

Summarize results of all (summarizable) features.

usage: firefed summary [-h]

optional arguments:
  -h, --help  show this help message and exit

Visits

List history of visited URLs.

This is different from the history feature because it lists a single entry with a timestamp for each individual visit, even if the URL is the same.

usage: firefed visits [-h] [-f {list,csv}] [-s]

optional arguments:
  -h, --help            show this help message and exit
  -f {list,csv}, --format {list,csv}
                        output format
  -s, --summary         summarize results

Related tools

dumpzilla (Extracts various information in a single step)
firefox_decrypt (Extracts passwords)

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 37

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (1) 🔗