قالب وردپرس درنا توس
Home / Tips and Tricks / Top 10 browser extensions for hackers and OSINT researchers «Null Byte :: WonderHowTo

Top 10 browser extensions for hackers and OSINT researchers «Null Byte :: WonderHowTo



Modern browsers are robust and offer many functions. However, they can be unlocked to perform some spectacular tasks with browser extensions. For hackers and OSINT researchers, these tools can be used to bypass online tracking, log in to SSH devices, and search for clues during an investigation on the Internet. This is a list of my ten most popular browser extensions for hackers – and how to use them.

What are add-ons?

Browser extensions or add-ons are programs that extend the functionality of a browser. The easiest way to think about browser extensions is to map them as apps for your browser. Certain extensions provide add-on features that make the browser more useful for a particular use case. An example is the browser extension grammar, which automatically corrects spelling and grammatical errors.

In addition to spelling correction, browser extensions can also do some incredible things. By taking control of the information a browser sends while requesting to load websites, you can better protect your privacy and prevent the sites you visit from easily tracking. They may even cause websites to behave differently depending on how you identify your system while requesting web pages. This can be helpful for a variety of situations.

For OSINT researchers, browser extensions provide a way to immerse in the data on the Internet. Learn more about every hint you'll find. With EXIF ​​extractors, you can retrieve data from all found images, use data formatting tools to access APIs and read data more efficiently, and there are tools to search archived versions of the Internet to access deleted historical data.

What you need

To follow this guide, you need to download Google Chrome or Mozilla Firefox. Make sure your version is fully up to date and search for extensions that you can add to your browser on the Google Chrome Web Store or Firefox Add-ons website.

As you can see in our video, we recommend installing Buscador OS as a virtual machine, as all these browser extensions are already installed. Using these extensions in a virtual machine helps protect you from potentially identifying information that your primary operating system might leave behind.

. 1 Data Protection

Browsers can leak a lot of personal information, and that's what companies are aiming to do over the Internet. Advertisers use advanced Internet tracking methods that are difficult to hide for the average user and make it difficult to gain control over the data your browser exposes. Online privacy, but some of the best are from the Electronic Frontier Foundation. This group has a number of different projects that users can use to hide online from location systems. One of the easiest to use is " Privacy Badger", which is available for both Mozilla Firefox and Google Chrome. It's free, open source, and helps the average user prevent the use of hidden trackers.

Another strong contender for preserving privacy on the Internet is "Ublock Origin." By tracking links, you can also view any locked request in a convenient filter mode. The ability to automatically block trackers is an important step in keeping you private online.

Above you can see a list of each item locked on foxnews.com. The list is huge! With Ublock and EFF enhancements, you can effortlessly manage the advanced tracking techniques that advertisers and other nefarious groups use to track you online.

. 2 Internet Protocol

Ever wanted to see a site that is no longer available or needed to view an earlier version of an existing webpage? This can often lead to valuable information being removed or more accurate company history information being found.

One of the most useful enhancements to this is Back to Time, available only for Google Chrome. On each page, you can right-click to enable the "Back to the past" option and select the preferred archive to search, such as the archive you want to search. For example, the Internet Archive (via the Wayback computer).

Depending on which archive you select, a list of previously recorded states of the web page you are viewing is displayed. In my example I found a version of foxnews.com from 2001 with dated articles about Jeb Bush.

Using browser plug-ins to study earlier versions of the Internet opens up information about discoveries that may not be available anywhere else.

3. Device Spoofing

To load Web pages, your browser sends information about the device that prompts you to send a version of the Web site you requested that best matches the device you are using suitable is. Unfortunately, this can also lose a lot of data about you and a unique fingerprint on your device. To get around this, we can pretend to be a different device with a user agent switcher.

Aside from the privacy benefits, we can also change how websites behave by pretending to be a particular device. For example, with Instagram we can only upload photos if it's a mobile device. This means we can upload photos from our computer when we set our user agent to a smartphone. To try it out, you can install "User-Agent Switcher" from Linder under Firefox or "User-Agent Switcher and Manager" from Rynu.smith on Chrome.

User Agent Switcher and Manager in Chrome.

. 4 Exif Data

Photos contain a lot of information, and the attached metadata can tell, for example, where the photo was taken and which camera type and settings were used. With various extensions, you can access the hidden information in image files with one mouse click.

Many sites remove Exif data from uploaded images, others do not. Below, we can see exactly when this photo was taken, along with the type of camera used and the settings used, to name but a few. Good viewers include "Exif Viewer" by Alan Raskin for Firefox and "EXIF Viewer" by vdsowner for Chrome.

Learn More: How to Get Valuable Data from Images Using Exif Extractors

Image metadata displayed with EXIF ​​Viewer in Chrome.

. 5 Site Profiling

If you are curious about the technology used to run a website, you can easily see everything that drives the site with the "BuiltWith Technology Profiler". With this tool, we can quickly determine if a web app is a hastily scrambled shell camouflaging a fraud or well-developed investment by a legitimate corporation.

Clicking the BuiltWith icon displays an exploded version of Each service a Web site runs. In my case, we can see the hosting, e-commerce, and content delivery networks on a fraudulent advertising site.

6. Video Download

Video downloaders are useful for keeping the forensic evidence you find in the course of an investigation. While many Chrome extensions do not allow you to download YouTube, many, such as One-Click Video Downloader, let you download videos from virtually any other source. For those of you who want to download YouTube videos, Flash Video Downloader for Firefox has no such limitations.

After installing one of the two programs, you can download videos from any of the auto-detected videos you download on a web page. It's that easy.

One-click video downloader in Chrome.

7. Secure Shells

If you need to log into a local or remote SSH device, you do not need a terminal! Thanks to the "SSH Agent for Google Chrome" extension, you can sign in directly through the browser. If you do not want to sign in to your SSH devices with a Google product, you can try "SSHGate ssh client and terminal emulator" for Firefox anytime.

SSH agent for Google Chrome. Picture of Hoid / Null Byte

8. Decoy Traffic

If you do not want anyone to monitor your network traffic or make aggregated data about your web traffic less useful, you can use browser extensions such as "chaff" to generate incorrect network traffic. Chaff will use random web sites based on the rules you have defined, starting with the starting values ​​you have defined. You can specify other variables to make traffic more or less realistic.

9. Forensic Snapshots of Web Sites

If you need to keep or share a snapshot of a Web site, there are many useful tools for doing so. They include options for capturing the entire page, a section, or even recording a video that passes through specific parts of the website.

One of my favorites is Nimbus named "Nimbus Screenshot & Screen Video Recorder" on Chrome and "Nimbus" Screen Capture: Screenshot, Edit, Annotate "in Firefox, which captures a site of interest in several ways.

10th JSON Data Formatting

Large amounts of data are available online, and much of this data is accessed through application programming interfaces, better known as APIs. For example, calls can query the current location of a bus in most cities and access huge databases to retrieve specific information.

APIs provide access to data from cities, governments, and other entities that can be continually updated this data is JSON, which may be difficult to read in a standard text format (see below). [19659058] Top 10 Browser Extensions for Hackers and OSINT Researchers ” width=”532″ height=”532″ style=”max-width:532px;height:auto;”/>

Because I use many APIs, I use this "JSON Viewer Awesome" in Chrome to better organize the data and make reading easier. For Firefox, "JSONovich" and "JSONView" are great tools to improve the readability of JSON data.

JSON Viewer Awesome in Chrome.

Extensions make browsers more capacity

While a computer you are currently on may not have your favorite tools, you can usually assume that it has a browser. With all the tools that Firefox and Chrome provide to extend the functionality of Internet browsing, signing in to devices via SSH or protecting your online privacy is just a browser plug-in. This is just a list of my preferred browser extensions. However, I strongly recommend using other tools such as NoScript and HTTPS Everywhere to make your online experience safer. What your browser can do! If you have questions or comments about this browser add-on tutorial, please contact me or email me at @KodyKinzie .

Do not miss: Track Down a Tinder profile with location spoofing in Google Chrome

Cover photo and screenshots of Kody / Null Byte (unless otherwise specified)


Source link