Results 1 to 4 of 4

Thread: Web browser specifically designed for pen-testers

  1. #1
    Just burned his ISO
    Join Date
    Mar 2011
    Location
    at home
    Posts
    3

    Lightbulb Web browser specifically designed for pen-testers

    I don't currently know of one, except Firefox, but you have to download addons and i don't trust them, and I have been googling for one to no avail. I think it would be extremely useful if someone could develop and release a web browser to the masses dedicated to pen-testing, I would do it myself but I don't have the skills or experience to program on that level of ability. the reason i think this would be best is ; first of all, we have all become too dependent on addons which give the browser with said addons more exploits, second with my favorite Firefox addon, Firebug, in order for you to be able to view and edit cookies you have to install yet another addon, Firecookie, and on top of that there are more addons for firebug that "extend" its usage,such as drupal for firebug, phpbug, etc. And finally with a web browser that does not require addons to pen test you have no need to constantly update the browser and addons separately, all you would need to do is update the browser when an update is available.

    Sorry this was so long, and if there are any inconsistencies with my reasoning or anything else, please feel free to correct me.

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: Web browser specifically designed for pen-testers

    I doubt this is going to happen. However since you are effectively talking about trust let's look at a few things. No matter who's program you are using you need to trust them. As such using BT means you not only trust the development team, but also the authors of each and every package that is included.
    Now that's the same if you are talking about nmap, or firefox or even the gnome file manager. Now one of the things that makes linux what it is, is that since it is open source you are free to look at the code that makes up the majority of the packages on BT. There are a few packages that are non-free and of course each of these packages are noted. This ability allows one to have a certain level of trust that the code is doing what it is/was designed to do.
    So the same thing applies to Firefox, and many of the add-ons that you are talking about. Again it is up to each individual to determine if having such tools (or even BT) for that matter is right for them.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    Senior Member
    Join Date
    Jan 2010
    Posts
    126

    Default Re: Web browser specifically designed for pen-testers

    Quote Originally Posted by spolen88 View Post
    first of all, we have all become too dependent on addons which give the browser with said addons more exploits
    Sorry this was so long, and if there are any inconsistencies with my reasoning or anything else, please feel free to correct me.
    If you are open to polite dissent, here goes:

    This is a major inconsistency with your reasoning. We have not *all* become "too dependent" on browser based automated pentest functions. These plugin/browser based automated functions often produce ludicrously inaccurate results compared to the results rendered by an actual pentest/audit. While they are indeed nifty toys; there is a very good reason tools which test/audit all of the same measurements are included within Backtrack in a command line interface rather than some auto-magic http browser format. There are many worthwhile tools which use a browser to access a http admin panel (burp,nexpose,etc), but for the most part they are usually surpassed in accuracy by more meticulous tools already within B|T.

  4. #4
    Just burned his ISO
    Join Date
    Mar 2011
    Location
    at home
    Posts
    3

    Default Re: Web browser specifically designed for pen-testers

    @archangel-amael I do see your point, but its not that i don't trust Firefox, which i don't (I'm just naturally untrusting). I just think that if everything that security techs used were built in to the browser, it would allow for better security and compatibility, I'm not talking about system security or network security i do more work with web development so i just think if your going to check your web forms against sql injections, or edit the value of cookies to allow access to admin privileges, or any other web attack you might as well be able to do that from the browser, I know i do most of my work in the browser, testing and making sure everything works, i just think the browser should come default with the "basic" tools necessary for the job.

    and @clone I was wrong to insinuate that we have "all" become to dependent on the addons, i know i have, and i'm sure there are others too in the same boat as me. I do love the tools that come with BT, and am currently loving BT5, im using the vmware right now and plan to install in place of my windows xp, but i'm not very good with the command line, i'm too used to gui after years of windows,

    I do apologize if i wasn't clear on what i meant the first time, or even if I'm not now, I'm not much for words, I can only hope that you can keep up with my messed up thought process, in my mind i understand it better than i can explain it, it has after all taken me an hour to type this.

Similar Threads

  1. Replies: 1
    Last Post: 11-22-2010, 09:59 AM
  2. Replies: 3
    Last Post: 01-15-2009, 10:48 PM
  3. Looking for Beta Testers Fast-Track 3.0
    By imported_relik in forum OLD Programming
    Replies: 3
    Last Post: 04-04-2008, 08:53 PM
  4. testers for new wpa gui wanted ....
    By shamanvirtuel in forum OLD General IT Discussion
    Replies: 10
    Last Post: 07-25-2007, 04:44 PM
  5. Bluetooth specifically Belkin F8T001
    By mannivw in forum OLD BackTrack v2.0 Final
    Replies: 0
    Last Post: 04-16-2007, 11:27 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •