Samurai Web Testing Framework (WTF) Firefox Add-ons Collection

On June 2009 Mozilla released the add-ons collections feature on their add-ons web site. As a member and contributor to the SamuraiWTF project, I would like to announce the release of the SamuraiWTF Firefox add-ons collection!

The Samurai Web Testing Framework (WTF) is a LiveCD focused on web application testing. It contains a pre-installed collection of the top web application penetration testing tools, becoming the perfect environment for testing applications.

The goal of this Firefox collection is to include the best add-ons for web application penetration testing and offensive security analysis, to convert your browser in the ultimate pen-testing tool. It is aligned with the Samurai Web Testing Framework (WTK) LiveCD distribution. I plan to keep the collection updated with new web-app pen-testing add-ons, but I would like to carefully evaluate new additions (or replacements) so that the list doesn't grow to limits where it becomes unmanageable. It includes 19 add-ons at this time.

As of today, it seems it is not possible to install all add-ons from a collection with a single click. The current SamuraiWTF add-ons collection can be installed on the latest Firefox version, v3.5, with the exception of the "Add N Edit Cookies" add-on. Although this add-on works in Firefox 3.5.*, it cannot be directly installed. There is a quick hack you can apply to install it on Firefox 3.5 until the official version is updated by its developer:

• Go to the "Add N Edit Cookies" add-on webpage with a compatible old Firefox version, or with a different browser like Internet Explorer, and download the add-on (XPI file).
• Change the XPI extension on the file to ZIP.
• Extract the "install.rdf" file from the ZIP archive.
• Edit the "install.rdf" file and replace the following line (maximum version):

        <em:maxversion>3.0.*</em:maxversion>

• by:

        <em:maxversion>3.5.*</em:maxversion>

• Put (drag & drop) the new "install.rdf" file back into the ZIP archive, and it will automatically replace the old version of the file.
• Change back the ZIP extension on the file to XPI.
• At this point, you can install the recently modified XPI add-on in Firefox 3.5.
  

Once you install all the add-ons within the SamuraiWTF collection, one by one, the look and feel of your Firefox browser will notably change. I recommend you to hide the add-ons toolbars visible by default. You can individually enable them at any time, such as when you are going to use each specific add-on:

• Go to the "View" menu and select "Toolbars".
• Deselect "Access Me Toolbar", "Web Developer Toolbar", and (specially) "HackBar".
  

Finally, the "DOM Inspector" add-on has been added to the collection as it is a requirement to enable all the capabilities of the "Web Developer" add-on.

Please, take a look at the collection, feel free to share your thoughts/comments (send me an e-mail), vote for this collection if you find it useful, and enjoy it!