While modern browsers are robust and provide a lot of functionality, they can be unlocked to do some pretty spectacular things with browser extensions. For hackers and OSINT researchers, these tools can be used to defeat online tracking, log in to SSH devices, and search the internet for clues during an investigation. These are a list of my top ten favorite browser extensions for hackers — and how to use them.
Browser extensions, or add-ons, are programs that expand what a browser can do. The easiest way to think about browser extensions is to picture them as apps for your browser, with specific extensions providing add-on functions that make the browser more useful for a particular use-case. An example is the Grammarly browser extension, which automatically corrects spelling and grammar errors.
Aside from correcting spelling, browser extensions can do some pretty incredible things. By taking control of the information a browser is sending while making requests to load websites, you can better maintain your privacy and prevent easy tracking across the sites you visit. You can even get websites to behave differently depending on how you identify your system while requesting webpages, which can be useful for a variety of situations.
For OSINT researchers, browser extensions provide a way to dive into the data on the internet to learn more about every clue you find. EXIF extractors let you pull data from any images you find, data-formatting tools allow you to tap into APIs and read the data more efficiently, and there are tools to dig into archived versions of the internet to access historical data that has since been deleted.
To follow this guide, you'll need to download Google Chrome or Mozilla Firefox. Make sure your version is fully updated, then go to the Google Chrome Web Store or the Firefox Add-ons webpage to locate extensions to add to your browser.
I also recommend, as you can see in our video, that you install Buscador OS as a virtual machine since it has all of these browser extensions installed already. Using these extensions in a virtual machine will better isolate yourself from potential identifying information that your primary OS may leave behind.
Browsers can leak a lot of personal data, and this is precisely what companies that want to track you across the internet prey on. Advertisers use advanced methods of tracking across the internet that can be difficult for the average user to hide from, making it difficult to take control of the data your browser is giving away.
There are a lot of tools out there for maintaining your privacy online, but some of the best come from the Electronic Frontier Foundation. This group has a variety of different projects for hiding from user-tracking systems online, and one of the easiest to use is "Privacy Badger," available for both Mozilla Firefox and Google Chrome. It's free, open source, and helps the average user defeat hidden trackers advertisers use.
Another strong contender for maintaining privacy online is "Ublock Origin," which aside from blocking advertisers and tracking links, also allows you to see every request that is blocked in a handy filtering mode. While it's easy to disable if needing to load a particular website, the ability to automatically block trackers is a massive step to staying private online.
Above, you can see a list of every element blocked on foxnews.com. The list is huge! With Ublock's and the EFF's extensions, you can easily pull the plug on the advanced tracking techniques advertisers and other more nefarious groups use to track you online.
Have you ever wanted to see a website that's no longer available or needed to view an earlier version of an existing webpage? Doing so can often lead to finding valuable information that was removed or more specifics about the history of a company.
One of the most useful extensions for this is "Go Back in Time," which is only available for Google Chrome. On any page, you can right-click to get the option to "Go Back in Time" and select the preferred archive to search, such as the Internet Archive (via the Wayback Machine).
- Install Go Back in Time: Chrome Extension
Depending on which archive you choose, you'll have a list of previously recorded states of the webpage you're looking at. In my example, I found a 2001 version of foxnews.com, complete with dated articles about Jeb Bush.
Using browser plug-ins to study previous versions of the internet opens up information to discoveries that might not be available anywhere else.
To load webpages, your browser will send information about the device making the request to send you a version of the website you are requesting that is most appropriate for the device you are using. Unfortunately, this can also leak a lot of data about you and uniquely fingerprint your device. To get around this, we can use a user-agent switcher to pretend to be a different device.
Aside from the privacy benefits, we can also change the behavior of webpages by pretending to be a specific device. For example, Instagram only allows us to upload photos if it thinks we are a mobile device, meaning we can upload from our computer if we set our user agent to one of a smartphone. To try it out, you can install "User-Agent Switcher" by Linder on Firefox or "User-Agent Switcher and Manager" by Rynu.smith on Chrome.
Photos contain a lot of information, and the metadata attached can reveal things like where the photo was taken and what type of camera and settings were used. For getting access to the hidden information included in image files, several extensions allow you to discover Exif data with a single click.
While many websites strip Exif data out of images that are uploaded, some do not. Below, we can see exactly when this photo was shot, along with the type of camera used and the settings used, to name a few things. Good viewers include "Exif Viewer" by Alan Raskin for Firefox and "EXIF Viewer" by vdsowner for Chrome.
If you're curious about the technology running a website, it's easy to see everything powering the site with the "BuiltWith Technology Profiler." The tool allows us to quickly discover if a web app is a hastily thrown together shell disguising a scam or a well-developed investment from a legitimate business.
By clicking on the BuiltWith icon, you can see a pulled-apart version of every service a website is running. In my case, we can see the hosting, e-commerce system, and content delivery networks in place on a scam prom dress website.
Video downloaders are useful for preserving forensic evidence you find in the course of an investigation. While many Chrome extensions do not allow you to download from YouTube, many, such as "One-Click Video Downloader," will enable you to download videos from virtually any other source. For those of you intent on downloading YouTube videos, "Flash Video Downloader" for Firefox has no such restrictions on what you can download.
After installing either one, you can download videos from any of the auto-detected ones on a webpage you load. It couldn't be any easier.
If you need to log in to a local or remote SSH device, you don't need a terminal to do it! Thanks to the "SSH Agent for Google Chrome" extension, you can log in directly from the browser. If you don't want to log in to your SSH devices with a Google product, you can always give "SSHGate ssh client and terminal emulator" for Firefox a try.
If you want to keep anyone monitoring your network traffic on their toes or make aggregated data about your web traffic less useful, you can use browser extensions like "Chaff" to generate fake network traffic. According to the rules you set, Chaff will go to random websites starting from seeds you define. You can specify other variables to make the traffic look more or less realistic.
- Install Chaff: Chrome Extension
If you need to preserve or share a snapshot of a website, there are many useful tools for doing so. They include options to capture the entire page, a section, or even record a video of going through specific parts of the website.
One of my favorites is Nimbus, called "Nimbus Screenshot & Screen Video Recorder" on Chrome and "Nimbus Screen Capture: Screenshot, Edit, Annotate" on Firefox, which allows several different ways to capture a website of interest.
There are vast amounts of data available online, and much of this data is accessed through application programming interfaces, better known as APIs. Through API calls, you can do things like query the current location of any bus in most cities and access giant databases to query specific information.
APIs provide access to data from cities, governments, and other entities that can be continually updated. A standard format for this data is JSON, which can be challenging to read in a standard text format, as seen below.
Because I use a lot of APIs, I use "JSON Viewer Awesome" a lot in Chrome to help organize the data and make it easier to read. For Firefox, "JSONovich" and "JSONView" are great tools for making JSON data more readable.
While a computer you happen to find yourself on probably won't have your favorite tools, you can usually assume it will have a browser. With all the tools available for Firefox and Chrome to extend the functionality of browsing the web, logging into devices via SSH or securing your online privacy is just a browser plug-in away. While this is just a list of my favorite browser extensions, I highly recommend checking out other tools like NoScript and HTTPS Everywhere for keeping your online experience more secure.
I hope you enjoyed this guide to using browser extensions to expand what your browser is capable of! If you have any questions or comments about this tutorial on browser add-ons, ask below or feel free to reach me on Twitter @KodyKinzie.
Want to start making money as a white hat hacker? Jump-start your white-hat hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from ethical hacking professionals.