It is the revolution of web browsers; they rule internet now. Browsers have evolved so much from what we had seen during the days of IE6. Now Firefox, Chrome, Opera, IE are on war to prove who is the best. They try different ways to win the heart of users; Firefox took a great leap by introducing the ‘panaroma’ feature – focus on multitasking, chrome gets appreciation for its fluid design – focus on simplicity & ease of use, Opera and IE has browser stability on priority – focus on robustness.

During this evolution, some browsers tries to standout from others by introducing a new feature which had never been available in any of their counterparts. But the other browsers instead wait for the users comments on the new feature implemented, if appreciated, they implement the same feature in theirs, may be in a better way. The browser who introduced that feature first might even loose its credit in due course. User is forced to switch from their  favorite browser for a ‘single feature’ they found useful in the ‘other’ browser. Once they completely switch and get used to the new browser, the old one brings out the same feature plus few bonus features. This cycle never ends. Firefox introduced tabs and extensions when IE did not have in them, people were attracted to it and finally switched to firefox. Then the light weight chrome came with Tab tearing, web apps, new tab page with speed dial and many other features, made few users to make chrome as their default browser. Firefox then inherited few of chromes’ features, syncing and expose like tab candy/panaroma effects. We don’t have to switch browsers just for UI features, and if at all we do, it should be seamless.

This article tries to identify best features in each of the browser and the features we expect to be part any modern browser. Here, we try to baseline few ideas, those ideas which takes browser design to the next level.

Browser Main Screen (Mockup)

MOCKUP - Main Screen - Click over image to zoom

Highlights

Main Screen

1. Menu Button

Drop down to access frequently access browser actions like preferences, print options, edit etc. To replace standard browser tool bar. (Inspired from firefox/opera)

2. Extension Button

Displays drop down that contains icons of the extensions to activate/deactivate them, or displays extensions options in sub-menus. Does not consume your address bar space as used to in firefox or previous chrome version. (Inspired from Chromium resizable bar that displays extension icons)

3. Bookmarks Button

Displays organized bookmarks in dropdown, no more bookmarks bar – (Can be created in firefox by customize options for toolbar)

4. Only Favicons in tab title

We just need favicons to know which tab is what. Most of the websites have favicon now-a-days (Inspired from faviconize tab firefox extension/pin tabs/app tabs)

5. Tabs that behaves like Dock/Taskbar icons in OSX/Win7

MOCKUP - Switch pages from same site with hover preview

One favicon displayed for one domain/website. Its like transformation from Win XP quicklauch to Win7 Taskbar. 2 pages from Facebook are to be indicated by one tab and should allow user to switch over the pages from that single Facebook icon displayed. For example, hovering over the icon should display preview of different pages open from that same site. So this keeps the number of tabs open in the browser under control. (Inspired from OSX dock/Win7 Peek).

6. Tab Sets/Groups

Tabs should be grouped to different sets and only those tabs belonging to that set should be visible on the browser window. This gives us distraction free environment. We should be able to move the tabs across the tabset by drag-n-drop (Inspired by Opera Tab Sets/Firefox Panorama)

Example -

• SOCIAL Set – Facebook, Twitter, LinkedIn etc
• WORK Set – Stackoverflow, Superuser, Dev Forums etc
• FUN Set – Youtube, Failblog etc

7. DropZone for Downloads

We don’t need a separate downloads window to keep track of our downloads.  All we need is a small icon which displays the status of our downloads and should reveal the items downloaded only when required. So idea is to click on that dropzone icon to pop up a stack which displays the downloaded items/in progress ones. Another feature we would want is to be able to drag and drop the target URLs directly to the dropzone to start the download to the default downloads folder. (Inspired from Download statusbar firefox extensions/ flashget)

Check the Mockup

8. Semi Transparent Status Bar to display full URL (Autohides)

Status bar displays only when we hover over any link (Inspired from Chrome)

9. Unload the tabs on demand/Not all tabs are loaded during browser start

Some of the websites sends Ajax request continually load the time based dynamic content every n seconds even if the page is not active. For examples gmail syncs with the server to check for new email and there might be different apps that does the same. But we might not want gmail to do so and we dont want to close the tab either. So the solution is to unload the tab and activate/load it only when required. This happens during browser start as well, we load only the last tab this significantly increase browser startup time. (Inspired from Bartab Firefox addon)

10. Mouse Gesture Support

Less keystrokes – More usable browsers will be. Built-in support for mouse gestures. (Inspired by FireGestures Firefox addon and Chrome Gestures addon in Chrome)

11. Sync ‘Everything’

Every time you do a fresh install of your favorite browser anywhere, you have to spend hours to customize it. Do it at home and you repeat all again at work, or on your new laptop. All browsers should have built-in capabilities to sync preferences, extensions, bookmarks, and everything to ensure that user doesn’t even notice any change if browses at home or at work. He should be given options to create profile and sync those at work or home. (Inspired from Firefox weave, built-in with Firefox 4 though)

New Tab/ Hidden Address Bar

MOCKUP - New Tab Popup

1. Pops-up on demand

Address bar consumes unnecessary space of our precious screen real estate. We need address bar only when we access a new page so why should it be visible all the time? Clicking on the newtab icon displays a popup that has a tiny address bar. This is like a omnibar/awesomebar which means single box to accept URL as well as search string. (Inspired from AppPanel enabled using startup switch in Chrome).

2. Search Site

Below the address bar are the favicons of the currently open tabs. Example, select the icon of twitter then enter the search term to search twitter for something. Reduces many steps this way.

3. Top Sites (Starred)

Few starred sites/frequently used sites (may be top 10) are displayed in drop down when the Star icon is clicked. So open these sites with a click (Most visited in Chrome, Top Sites in Safari)

Tab Grid

A new perspective to our usual browsing experience. This displays preview of currently opened tabs in a grid, tabs can be easily identified/switched to from here. We should be able to close the tabs with a click without switching back to the page.

MOCKUP - Tab Grid

1. New Tab from Grid

This is the best part, we can create tabs by just entering the address of the page you want to access from the grid itself. Example – create tabs for Google reader/ Gmail or any site instantaneously and let it load when you are still in the grid. So in future grid enables user to quickly create and open multiple tabs. (Inspired from IE in Win7 mobile)

2. Switch Tabsets from Grid

Click on the tabset button to preview the tabs belonging to that set. Easily drag and drop the tabs to different sets from the Grid as well. (Inspired from Firefox Panorama/OSX Expose)

• Counter on Panorama feature – This feature in Firefox will become little complex and unmanageable after opening maybe 30 tabs (or on laptop screens). We will end up in have 10 or 15 tab piles. But the method mentioned in this article lets users to manage tabs on that tab set and does not display all the tabs in all the sets.

3. Open New Page of Opened Tab

List of opened tabs displayed in the Grid, click on it to clone the site to a different page.

Conclusion

Like the term ‘Tabs’ which is now a standard in all the browser, we expect the ideas mentioned in the post to be integral part of every browser. Let the users have seamless browser switch if the opt for. So in future, users should consider the parameters like speed, stability, performance to let them decide on the chosen and not just the UI based influences.

Mockups Below For Reference

Main Screen - Click over image to zoom

Hover Preview

New Tab Popup

Tab Grid

Please mention in comments if there are any features you would want to see in all the browsers or you deny on any of the idea mentioned.

Author of this post is familiar with different web browsers like IE 4 – 8, Now Defunct Netscape Navigator, Firefox (all versions), Opera, Chrome (all versions), Safari and many others. Has been evangelizing web browsers since 90s.

Google has launched Secure Google search hosted on SSL lately . This post talks on how to enable this Secure Google search to the browser search bar/search suggestions in Firefox, Chrome and IE browsers.

Updated: Added Screenshots for IE

1. Firefox

Go to the Mozilla Addons Page and add Google SSL Search Plugin

Select ‘Start using it right away in the dialog box that displays – Add “Google SSL” to the list of engines available in the search bar?

2. Chrome

Right Click on Chrome Omnibar(Address bar) and Select ‘Edit Search Engines’.

In the Edit Search Engines Dialog box add https://www.google.com/search?q=%s in the URL field and click on Make Default Button.

Dont forget to check the Chrome Extensions List for Security Testers, here (Internal Post)

3. Internet Explorer

• Access the Add Search Providers page

• In the Create Your Own enter https://www.google.com/search?q=TEST in the URL field

Click on the Install Button to see the following screen. Check the ‘Make this my default search provider’

Now the Search box in IE will display Google.

via Google Blog and TechDows

Chrome is becoming popular among the developers due to its extended support for the upcoming web technologies. If these features of chrome can help the developers to dissect & analyse the newest web applications, so can it for security analysts. Firefox has become so popular among the security guys due to the availability of addons like WebDeveloper/Firebug which can aid them during their security assessments.

The extension Pendule is an attempt to reproduce the features of WebDeveloper Addon for firefox. Currently it doesn’t support all the features of WebDeveloper but expected to incorporate soon.

Pendule - Chrome Extension

Features

1. Form Manipulations

2. View Javascripts

3. Show Image Paths Inline

Download Pendule:

Stay updated with addons discussed in the SecFox series, the most popular section of this blog. For that you need to subscribe to the SecFox addon collection available in the mozilla addons site.

SecFox is collection of addons which can be used to customize any firefox to a security assessment tool. At the time of writing this collection has 40+ addons which can help the web app sec testers during their assessments.

An ‘addon collector‘ addon is to be installed to get the SecFox updates. So if any new addon added to SecFox collection gives an alert to the subscriber.

Check the video below which explains how.

Download Secfox Collection :

In this part of the Secfox series, we will be discussing about the addons that can help us during the app security assessments which involves cookie analysis and manipulation.

These addons can be of huge help when we perform the type of tests mentioned below.

• Cookie Prediction
• Session Fixation
• Cookie Persistence/Expiration
• Broken Session Management

Traditional Method

We use a proxy interceptor like Paros/Burp/WebScarab to trap the HTTP requests and modify the values during its transit. For this to happen, we need to setup a proxy and ensure that it listens to the browser traffic. An additional step is required if the application uses an SSL connection, i.e. to store the Proxy’s forged certificate in the browser. The intercepted request enables us to add new cookies or modify the existing ones. We can also check when exactly are the cookie values issued and whether it is getting flushed upon session expiration.

Usage of Addons

We have various addons for firefox which makes the tasks mentioned above easier. Certain addons allow to view the cookies stored in the browser and others allows us to edit it. The advantage – we don’t need any proxy to do this job, we can view/edit from the browser itself.

1. View Cookies

This addon adds a tab in the ‘Page Info’ box available on the Firefox context menu.

View Cookies Addon

Download Link:

2. Add N Edit Cookies

This addon integrates a Cookie Editor to firefox. This also allows us to edit the attributes of the cookie.

Add n Edit Cookies Addon

Download Link:

3. FireCookie

If you are using Firebug a lot, then cookies are easily accessible inside firebug tabs if you have FireCookie installed.

FireCookie Addon

Download Link:

4. Cookie Swap

This is an amazing addon which helps us to switch between various cookie profiles. This addon saves all the cookies for a particular domain to the chosen profile. These profiles can be managed through a Profile Manager which comes with the tool. One can add and organize the profile which can be easily swapped from the Firefox status bar. This is of great use if you are testing the application which has multiple login credentials.

Cookie Swap - Status Bar

Cookie Swap - Manage Profiles

Download Link:

5. WebDeveloper – View Cookies

Web developer has a built-in cookie viewer and editor. Once you select on ‘View Cookies’ available under the ‘Cookies’ menu, a new tab is displayed with a big list of cookies for that particular domain and options to edit it. I prefer using ‘Add n Edit Cookie’ to this addon.

WebDeveloper - View Cookies

Download Link:

Video Demo

Watch the following video. Here, I quickly go through each of the addon I’d mentioned above.

Stay tuned… Secfox will continue….

Google Gears provides enhanced interactive functionality for websites designed to use it: drag-and-drop, client-side database storage, and the ability to view and work with specially prepared websites when offline (not connected to the Internet).

Now-a-days most of the feature rich sites interact with the Gears installed in the PC and makes our browsing experience better. But what if we frequently switch our PCs and use portable version of Firefox! what if we dont have admin privileges in the PC we are currently working with? Gears Portable Addon can save our day.

This add-on is an unmodified repackaging of Google’s binaries via the official Windows installer/updater. (In other words, it’s the official releases, simply ZIP’d into an XPI file.)

Installation

1. Download and install Google Gears Portable (This is an experimental addon so check ‘Let me install this experimental add-on‘ to install this addon
2. Restart your firefox.
3. Go to the site you want to enable Gears and click on the Gears icon.
4. As shown in the below screenshot Allow the Gears Access.

Download Gears Portable :

“The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an XSS attack. If the resulting HTML page sets a specific JavaScript value (document.vulnerable=true) then the tool marks the page as vulnerable to the given XSS string. The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system” – Security Compass

XSSMe addon is a sidebar tool where we can see all the details of the forms in the current page and select the fields we want to test for XSS. To make things simpler, we have 2 buttons which can be used to test all the fields for Top/All XSS tests.

Click on the image at the right to view it larger

Once we click on test button, we get a dialog box which displays the progress of the running tests. It takes few minutes to complete the tests and depends on the Internet connection speed. We can easily tweak the options if we need this to run quickly and is explained in the latter part of the post.

Working

XSSMe detects the XSS vulnerabilities by automatically submitting the forms which has its field values tampered with XSS scripts and then analyses the response to check whether the output was encoded or not. Each page is loaded in a new tab and then the values are submitted and the tab are closed automatically before testing for the next script.

XSSMe in Action

XSSMe Options

There are few options available in this addon which can help us tweak the results we are looking for. We can change the character set, which XSSMe uses by default, to speed up the process. We can add/remove custom XSS vectors (XSS scripts). The whole list can be exported so that it can be reused later.

Final Report

Once the assessment is complete, final report is displayed which gives us the information on which fields are vulnerable and which XSS scripts got executed. At a quick glance we can check the characters which came out unencoded from the ‘XSS Heuristic Test Results’ section. From the below screenshot, we can find that all the special characters which are used for constructing malicious scripts were found to be unencoded when passed through field1. This implies that field1 is vulnerable to XSS attacks.

Download XSSMe :

(To be continued…)

In the previous post, Secfox Part 1, we had seen how to customize the environment in FireFox to get better ease of use and more workspace. Now its time to fill in the addons.

This post has two sections, the first explains how to obtain details of any website (Information Gathering) and the second deals with analysis and understanding of HTTP raw header information.

Addon 1: Domain Details

DomainDetails addon, can be helpful in finding out Server Type, Headers, IP Address, Location Flag, and Whois information of any website you browse with Firefox. Once you install the addon, Server name, Ip address of the current website is displayed in the status bar, and a tiny button is displayed, clicking on that will display a menu which gives access to explore more details of that website.

SecFox Addon, How?

How can this addon be useful while performing the security assessments?

1. Display’s Server Name and Version - This info can be used to search for the open vulnerabilities found in the target server. Several advisories publishes vulnerabilities associated with a particular version of various servers; the sites like milw0rm, cert, Secunia, etc holds a repository of latest advisories.

2. Displays IP Address – Input of several vulnerability scanners(like nmap) will be the IP address of the target website. Ideally, to obtain the IP address of the target, we would have to do ns lookup (open cmd prompt, then nslookup www.targetsite.com), but with with DomainDetails we can directly lookup IP address of the website immediately while the page loads.

3. Webpage fingerprint – Whois is used for querying authoritative registries/ databases to discover the owner of a domain name, an IP address, or an autonomous system number of the target website. Online sites like Whois.net, DNSStuff, Central Ops gives server info any many other details about any site you search for. Domain Details just adds option to directly search for these details from the statusbar menu, saving us few of our preciuos keystrokes.

Demo

Download DomainDetails :

Addon 2 : LiveHTTP Headers

The addon LiveHTTP Headers is one of the must have addon if you are a security analyst. This addon displays the RAW HTTP Headers (Request and Response) for the webpage you are browsing.

SecFox Addon, How?

1. Display’s server Name and Version – As explained in the previous section, this can be used to find out and exploit the known vulnerabilities found in the target server.

2. Displays the Response Code - This is very helpful in knowing how the server responds for any client request. So if there is any misconfiguration in the server so that a particular request of the client forces the client to behave indifferently and exposing the vulnerability.

3. Cookie Config – This also displays the cookie config set at the server. For example if we observe that in the server response, for any request sent for any sensitive pages, that Cache-Control: no-cache is not present, then it means that those sensitive pages are cached and be visible for those who are not intended to.

4. Replay any forged request – We can modify the POST data and replay it from this addon. This means that we are bypassing any client side validations present in that site.

5. Monitor Cookie Info – We can also monitor the cookie value and try to reverse engineer and decode its value.

6. This list continues – Analysis of HTTP Headers would will be the first step when doing the security assessments and LiveHTTP Headers will be the key to get it. We can break the headers into parts and research on that to get the best out of it.

More info on HTTP Headers

Demo

Download LiveHTTP Headers :

Stay Tuned coming posts features more security addons and its usage…

–

SecFox is nothing but a customized version of Firefox which is intended for performing web application security tests and audits. Using SecFox reduces time and effort we would have put if we had used any other browser along with tons of free + commercial tools used for testing the apps.

Firefox is an amazing browser whose features can be extended by installing addons or tweaking the browser itself. This feature of it is utilized to the max for building a powerful hacking/testing tool, SecFox.

This articles(split into sections) details the process of creating SecFox and also includes the usage of various security related firefox addons with relevant examples and screencasts.

“Leave me alone” says Firefox (Create a new profile and let your default Firefox alone)

Before turning Firefox to Secfox, we need to make sure that we don’t mess up with the settings of the existing firefox browser (default profile). For that, we will have to create a new profile called ‘SecFox’. Any modifications, like installing addons or change browser settings, we make while using the SecFox profile will not affect the default profile.

Tweak Firefox Config. (Enable profilemanager)

1. Type about:config in the addressbar
2. In the filter, type ‘profile’ and change profile.manage_only_at_launch to true (default is false).
3. Close firefox

Now create a shortcut of firefox in your desktop and RightClick and open the properties. Now modify the target parameter as shown below.
%Firefox_Installation_Directory%firefox.exe -P -no-remote

Create a new profile ‘SecFox’ with Profile Manager.

To Run the New Profile, create a new shortcut and use the following command
%Firefox_Installation_Directory% firefox.exe -P SecFox -no-remote

You can create 2 shortcuts, one for your default ‘firefox’ and other for ‘secfox’ by using the above command.

Note: -no-remote parameter is used to run mutiple firefox instances simultaneously.

Are you SecFox or Firefox? (How to identify)

While running Secfox and default profile simultaneously, we will have trouble in identifying and switching to the profile required profile. So we need to modify the GUI and other properties of the profiles so that the difference is very much visible and the needed is easily accessible.

Change Desktop Icons

The first activity in this step would be setting different icons for the 2 profiles. Try changing the Secfox to some geeky looking dark icon. IÂ used the icon from crystalXp, which can be downloaded from here.

Differentiate with help of themes

Once you have your firefox windows open, while switching the browser windows (during Alt-tab), you will still find difficulty in mapping browser window and its corresponding profile. So the best option would be to put easily identifiable theme on SecFox. I used black version of the default theme for my new Sec profile, which you can get it from here.

Change Firefox Title

Tweak your titlebar so that you can identify your profile even if Firefox windows are minimized. Download and install Titlebar Tweaks in both the profiles. After installation go to Titlebar Tweak Options and select ‘Browser Name – Webpage Title’ layout. Click on the Browser Name tab and type in ‘S’ and ‘F’ as Browser names, for SecFox profile and default profile respectively.

Install ‘Must Have’ Addons:

Before installing addons which can help us with testing the web applications, we would want to install couple of addons which will definitely help us at later point of time.

FaviconizeTab :

As a tester you might need to keep loads and loads of tabs open that means less space to work and more confusion. FaviconizeTab helps in reducing the size of the tabs and thereby helping us to keep more tabs in little space. Download FaviconizeTab.

Check the post, Ultimate Clutter reduction with Favicons, for amazing tips with FaviconizeTab.

FireGestures :

Control your Firefox with mouse gestures. This can be very useful when you want to do some quick browser navigation (like switching tabs, close tabs, open link in new tab etc). This again will be of great use once we start testing websites. Download FireGestures

GreaseMonkey :

Write custom scripts to modify the way in which the website works. Or load any existing greasemonkey scripts, which can be obtained from various repositories like userscripts.org, to enhance our testing. Download GreaseMonkey

Stylish :

This is similar to greasemonkey. Some cool Stylish scripts are available for download so we need this installed. Download Stylish.

Tweak Firefox Toolbar, Increase your work area:

• ‘Use Small Icons’

RightClick on the toolbar and select ‘Customize’. Check ‘Use small icons’, this reduces the width of the firefox toolbar thereby increasing the vertical space.

• Remove Home Button

We rarely use home button in present in the toolbar by default. We can remove the same by following simple steps. Open ‘Customize’ (check the above bullet) and drag-n-drop the home button from the navigation toolbar into the Customize Toolbars Window.

• Hide the Menus Toolbar (PersonalMenu)

Install Personal Menu (from here), so that we can completely replace the Menu Toolbar with a tiny menu button.

• Combine Stop & Reload Button

We can combine Stop & Reload buttons in the navigation bar by adding a small Stylish scriptfound here (check ‘Must Have’ addons section above to install Stylish). This will display stop icon while loading the page and changes to reload once the page has loaded.

Secfox-Firefox Side-by-Side

Once you complete all the above mentioned steps you have 2 independent firefox windows running with 2 different profiles simultaneously.

Now the new profile, SecFox, has to be made functional with various security related addons.

Upcoming posts related to SecFox will contain Info on installing and using the those addons.

(To be Continued….)