Wednesday, May 31, 2006

Firefox Tamperdata

When I'm not doing a full-blown penetration test or web app security test, I'm reluctant to take the time to set up the webscarab proxy if I want to do simple POSTs. I found the Firefox extension "Tamperdata" a bit ago, and after figuring it out, found that it allows me to fuxor with POSTs all I want with only a few clicks.

You can even leave it on without tampering and it will gather all the GETs and POSTs for later review, and even lets you export to XML! Great for doing a quick run-through of a site you were using to see if you find any "interesting" POSTs you might want to play with later...

It's quality, and it's certainly free. Get it if you're into security. (and you know what you're doing...)

No comments: