|Name||Description||Chrome Store URL||Developer||Keywords|
|AntiXSS||detect possible weak points and xss attacks||Chrome WebStore Link||XSS, Scanner|
|BuiltWith||BuiltWith is a web site profiler tool. Displays the frameworks and other libraries with which that website is built||Chrome WebStore Link||link||Application Fingerprinting|
|Chrome IE Tab Multi||Run ActiveX controls on Chrome||Chrome WebStore Link||link||ActiveX testing|
|Domain Details||Domain Details provides the following information on the site you are visiting:|
- Server IP Address
- Server's Location. Based on a Geo IP database in the extension, does not poll an external service.
- Server Software. Shows icons for common servers.
- View server response headers within the extension
- Domain Whois Links
|Chrome WebStore Link||link||Network Fingerprinting|
|Edit This Cookie||This extension lets you:|
Delete all cookies in a page, Delete only the chosen cookie on a page, Edit any cookie, Add a new cookie, Search a cookie, Protect a cookie (read-only), Block cookies (cookie filter)
|Chrome WebStore LinkChrome WebStore Link||Cookie Editor, Session Management/Fixation|
|Firebug Lite||Firebug Lite is not a substitute for Firebug, or Chrome Developer Tools. It is a tool to be used in conjunction with these tools. Firebug Lite provides the rich visual representation we are used to see in Firebug when it comes to HTML elements, DOM elements, and Box Model shading. It provides also some cool features like inspecting HTML elemements with your mouse, and live editing CSS properties.||Chrome WebStore Link||link||Dynamic Frontend Manipulation/Injection, Bypass Client Side Validations|
|Form Fuzzer||Fuzz testing utility I created to assist in populating web forms with some random data.||Chrome WebStore Link||link||Parameter Manipulation/Injection|
|JSONView for Chrome||JSONView for chrome is an extension that helps you to parse and view JSON documents||Chrome WebStore Link||link||Helper Extension|
|Latest Sophos Security Alerts||Displays the Sophos security alerts direct in your browser||Chrome WebStore Link||Helper|
|Pendule||convert POSTs to GETs, Remove Maxlength, view selection source (syntax highlighted code appears in a new|
tab, similar to built-in view source functionnality)
|Chrome WebStore Link||Dynamic Frontend Manipulation/Injection, Bypass Client Side Validations|
|Proxy Switchy!||Proxy Switchy! is an advanced proxy manager for Google Chrome, it allows users to manage and switch between multiple proxy profiles quickly and easily.||Chrome WebStore Link||link||Proxy Tools|
|Simple REST Client||Simple REST Client is an extension for Google Chrome to help construct custom|
HTTP requests to directly test your web services.
Select the URL, method, fill the headers and body if necessary.
Analyze response headers and body.
|Chrome WebStore Link||link||Parameter Manipulation/Injection|
|Swap My Cookies||Swap My Cookies is a session manager, it manages your cookies, letting you login on any website with several different accounts. You can finally login into gmail, yahoo, hotmail, and just any website you use, with all your accounts; if you want to use another account just swap profile!||Chrome WebStore Link||Session Fixation/Management|
|Unencrypted Password Warning||Unencrypted Password Warning detects whether a password or credit card number is about to be sent with a form that does not use HTTPS.||Chrome WebStore Link||Detects Security Flaw|
|User-Agent Switcher for Chrome||The extension allows you to set a specific filtering list, so it will automatically switch user-agent strings based on the domain or URL you specify. Also, it will use and auto-update a list of sites known to use incorrect user-agent sniffing (which can be disabled.)||Chrome WebStore Link||link||Mobile Security Testing, Client-side Bypass|
|Web Developer||Official port of the popular Web Developer extension for Firefox.convert POSTs to GETs, Remove Maxlength, view selection source (syntax highlighted code appears in a new|
tab, similar to built-in view source functionnality)
|Chrome WebStore Link||link||Dynamic Frontend Manipulation/Injection, Bypass Client Side Validations|
|Websecurify||Websecurify is a powerful web application security testing platform designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.|
This extension is useful to anyone who wants to quickly assess the security of their web applications.
|Chrome WebStore Link||link||Web Page Scanner|
|XSS Rays||Complete XSS reversing/scanner tool. Find how a site is filtering code, check for injections and inspect objects.||Chrome WebStore Link||link||XSS, Scanner|
Home / Uncategories / List of Chrome Browser Extensions for Security Analysts (Pentests)
For those who are not aware that these extenstions exist.....
List of chrome browser extensions that can be useful while performing application security assessments. On the sidenote, a similar collection exists for Firefox users – check SecFox at Mozilla Addons Collection site
Note: Below table will be updated regularly. If you find any addons that are not listed but might be useful while conducting pentests, please mention in comments. Click Chrome Store URL to access the various extentions
Additional Source: http://a4apphack.com