rewanthtammana / vuln-headers-extension

License: MIT
Firefox extension which parses the headers of all requests flowing through your Firefox browser to detect vulnerabilities.

Programming Languages: JavaScript, HTML, CSS

vuln-headers-extension


This is a Firefox extension which parses requests before they are forwarded to the DNS server, in order to scan for URLs that are vulnerable because of their headers.

Highlights


The extension currently detects URLs which are vulnerable to

  • CORS Misconfiguration
  • Host Header Injection
  • Missing X-XSS-Protection headers (commented out in the code due to its low severity)
  • Clickjacking
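
The CORS and clickjacking checks listed above can be expressed as a pure function over one response's headers. This is an added example, not code from the extension; the function names, finding labels and sample headers are assumptions made for illustration.

```javascript
// Added example, not the extension's code. Input has the shape Firefox's
// webRequest.onHeadersReceived provides: an array of { name, value } objects.
// auditResponseHeaders and the finding labels are hypothetical names.
function headerMap(responseHeaders) {
  const map = new Map();
  for (const { name, value } of responseHeaders) {
    const key = name.toLowerCase(); // header names are case-insensitive
    const v = value || "";
    map.set(key, map.has(key) ? `${map.get(key)}, ${v}` : v); // join repeats
  }
  return map;
}

function auditResponseHeaders(requestOrigin, responseHeaders) {
  const h = headerMap(responseHeaders);
  const findings = [];
  // CORS: credentialed cross-origin reads allowed for "null" or for the exact
  // Origin the request carried. The second is a signal to review, since an
  // allowlisted origin is echoed back the same way.
  const acao = (h.get("access-control-allow-origin") || "").trim();
  const creds = (h.get("access-control-allow-credentials") || "").trim() === "true";
  if (creds && acao === "null") findings.push("cors-null-origin-with-credentials");
  if (creds && requestOrigin && acao === requestOrigin && acao !== "null")
    findings.push("cors-origin-reflected-with-credentials");
  // Clickjacking: an HTML response with neither a valid X-Frame-Options value
  // nor a CSP frame-ancestors directive (presence only; sources not evaluated).
  const isHtml = /^\s*text\/html/i.test(h.get("content-type") || "");
  const xfo = (h.get("x-frame-options") || "").toUpperCase().split(",")
    .map((s) => s.trim()).filter(Boolean);
  const xfoOk = xfo.length > 0 && xfo.every((v) => v === "DENY" || v === "SAMEORIGIN");
  const fa = /(^|[;,])\s*frame-ancestors\s/i.test(h.get("content-security-policy") || "");
  if (isHtml && !xfoOk && !fa) findings.push("clickjacking-no-framing-policy");
  return findings;
}

// Constructed sample responses (not captured traffic).
const SAMPLE_WEAK = [
  { name: "Content-Type", value: "text/html; charset=utf-8" },
  { name: "Access-Control-Allow-Origin", value: "https://other.example" },
  { name: "Access-Control-Allow-Credentials", value: "true" },
];
const SAMPLE_HARDENED = [
  { name: "Content-Type", value: "text/html" },
  { name: "Content-Security-Policy", value: "default-src 'self'; frame-ancestors 'none'" },
  { name: "X-Frame-Options", value: "DENY" },
];
console.log(auditResponseHeaders("https://other.example", SAMPLE_WEAK));
console.log(auditResponseHeaders("https://other.example", SAMPLE_HARDENED));
```

In an extension, the same function would be called from a webRequest.onHeadersReceived listener with details.responseHeaders, restricted to document requests so that the framing check only runs on pages.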

Achievements


Submitted vulnerabilities to websites like #signup.com, #Chargify, #Hotstar, #Medium, etc. using this tool. Got listed in the #Chargify HOF, and other organisations are resolving the issues.

Screenshots

https://raw.githubusercontent.com/rewanth1997/vuln-headers-extension/master/GUI.PNG

Installation


Method 1 -
  1. Clone the repo or fork it.
  2. Open Firefox and load about:debugging in the URL bar.
  3. Click the Load Temporary Add-on button and select the manifest.json file in your cloned repo.
  4. Now the vuln-headers-extension is installed.
Method 2 -
  1. Clone the repo or fork it.
  2. Install the web-ext tool, an npm package.
  3. Change into the directory where you cloned the repo.
  4. Type web-ext run. This will launch Firefox and install the extension.

Using -

  1. Once you install the extension, you can see an icon in the toolbar.
  2. Click on the icon and a new tab gets opened.
  3. Leave it open and do your browsing/work.
  4. The extension automatically logs all the vulnerable URLs to the new tab.
  5. Now you can submit a report to the respective organisation and make it more secure.

Contributing

Want to add more features to it? Fork the repo and create a Pull Request. Like this tool? STAR it and click on Watch to get more updates on it.

Article

https://medium.com/@rewanthcool/firefox-vuln-headers-extension-e848b6d80d14
