 |
| Mantra Browser |
Hey guyz...want to try penetration testing without going through the hassle of finding ADD-ONS and adding them to your browser, want to hack into your friends account by stealing cookies(Session Hijacking)? I'm sure the answer is yes, I mean who wouldn't. But hacking into your friends account and messing with him takes a little more than just finding and adding add-ons. But if you know how to do that, then certainly this new browser called MANTRA will make your work even easier. This new Browser is a collection of open source tools bound together with a browser to make the work of penetration testers and hackers easier. Its just like Backtrack as it provides penetration testing tools under one roof for you to just start hacking if you know how to and not going through the hassle of going and finding the tools first.Mantra is available on Backtrack 5, you can get it by click on Applications–>Backtrack–>Vulnerability assessment–>Vulnerability scanner–>Mantra. It is a user friendly,portable and GUI framework, you can carry it on flash drives and CD/DVD.
DOWNLOAD MANTRA
DOWNLOAD MANTRA
Before I tell you about the tools that come with this browser I think you should take a peek into the world of HACKING using MANTRA. Here is a video to take you there :
The beta version of Mantra Security Toolkit contains following tools built onto it. You can also always suggest any tools/ scripts that you would like see in the next release.
- Access Me
- Add N Edit Cookies+
- Chickenfoot
- CookieSwap
- DOM inspector
- Domain Details
- Firebug
- Firebug Autocompleter
- Firecookie
- FireFTP
- Firesheep
- FormBug
- FoxyProxy
- Google Site Indexer
- Greasemonkey
- Groundspeed
- HackBar
- Host Spy
- HttpFox
- iMacros
- JavaScript Deobfuscator
- JSview
- Key Manager
- Library Detector
- Live HTTP Headers
- PassiveRecon
- Poster
- RefControl
- Refspoof
- RESTClient
- RESTTest
- Resurrect Pages
- Selenium IDE
- SQL Inject ME
- Tamper Data
- URL Flipper
- User Agent Switcher
- Vitzo WHOIS
- Wappalyzer
- Web Developer
- XSS Me
Information Gathering
 | Flagfox Displays a flag icon indicating the current webserver’s physical location with many additional features. |  | JSView Get straight access to scripts and stylesheets included in the current web page. | |
 | PassiveRecon Perform passive discovery of target resources utilizing publicly available information. |  | Wappalyzer Uncovers underlying technologies used on websites like CMS, e-commerce systems, JavaScript frameworks, analytics tools etc.. | |
 | View Dependencies Shows you all the files which were loaded to show the current page. |  | Link Sidebar View, search and test hyperlinks in a web page. |
Editors
| JSView Get straight access to scripts and stylesheets included in the current web page. View the source code external stylesheets and javascripts |  | Firebug Edit, debug, and monitor CSS, HTML, and JavaScript live in any web page. |
Network Utilities
 | FireFTP FTP/SFTP Client which provides intuitive access to FTP/SFTP servers. |  | DNS Cache Allows you to disable and enable the DNS Cache of Firefox | |
 | SQLite Manager Manage any SQLite database on your computer. |  | HTTP Fox Monitors and analyzes all incoming and outgoing HTTP traffic between the browser and the web servers. | |
 | FireSSH SSH Client |
Misc
 | Greasemonkey Customize the way webpages look and function. A userscript manager for Firefox |  | Greasefire Automatically finds Greasemonkey scripts on Userscripts.org. | |
| CacheToggle Disable and optionally clear the browser cache with the flick of a switch. | | URL Flipper Easily increment or decrement a portion of a URL without having to manually edit the text in the Location Bar. | |
 | Event Spy DOM Event spy addon. Lets you watch JavaScript events as they occur. |  | Stacked Inspector Switch DOM Inspector to an over/under vertical layout instead of the usual side-by-side panel layout. | |
 | Scriptish The greatest user script engine on the Internet (a fork of Greasemonkey). |  | Session Manager Session Manager saves and restores the state of all windows. It can also automatically save the state of open windows individually. | |
| Fire Encrypter Encrypt, decrypt and hashing functions utility. |
Application Auditing
 | Hackbar Simple security audit / Penetration test tool. |  | RESTClient Visit and test RESTful/WebDav services. | |
| Tamper Data Use tamperdata to view and modify HTTP/HTTPS headers and post parameters. |  | Live HTTP Headers View HTTP headers of a page and while browsing. | |
 | RefControl Control what gets sent as the HTTP Referer on a per-site basis. |  | User Agent Switcher Easily switch the user agent of a browser. | |
 | Web Developer Various web developer tools on browser. | | DOM Inspector Inspect and edit the live DOM of any web document or XUL application. | |
 | Inspect This Inspect the current element with the DOM Inspector. | | Form Fox Displays the form action, the site to which the information you’ve entered is being sent. | |
 | SQL Inject Me Test for SQL injection vulnerabilities which can cause a lot of damage to a web application. | | XSS Me Test for XSS vulnerabilities which can cause a lot of damage to a web application. | |
 | Cookies Manager+ View, edit and create cookies. |  | Firecookie View and manage cookies | |
 | Autofill Forms Autofill Forms enables you to fill out web forms with one click or a keyboard shortcut. |  | Cookie Monster Cookie Monster provides proactive cookie management on a site or domain level basis, including 3rd party cookies. | |
 | Fireforce Brute-force attacks on GET or POST forms |  | Groundspeed Groundspeed is an add-on that allows security testers to manipulate the application user interface to eliminate annoying limitations and client-side controls that interfere with the web application penetration tests. | |
 | Http Requester A tool for easily making HTTP requests (GET/PUT/POST/DELETE), viewing the responses, and keeping a history of transactions. |  | Modify Headers Add, modify and filter the HTTP request headers sent to web servers. This addon is particularly useful for Mobile web development, HTTP testing and privacy. | |
| Poster A developer tool for interacting with web services and other web resources that lets you make HTTP requests, set the entity body, and content type. | | Ref Spoof Easy spoofing of the URL referer (referrer) featuring a toolbar | |
| SeleniumExpertSeleniumIDE This plugin is my attempt to bring the wonderful world of inspections, tips, hints, fixes and refactoring to Selenese! | | SeleniumIDE This plugin is my attempt to bring the wonderful world of inspections, tips, hints, fixes and refactoring to Selenese! | |
| NoRedirect Take control of web page redirects for fun and profit. |  | Websecurify Websecurify is a powerful, cross-platform web security testing technology designed from the ground up with simplicity in mind. | |
| Ra.2 Blackbox DOM-based XSS Scanner |
Proxy
| HTTP Fox Monitors and analyzes all incoming and outgoing HTTP traffic between the browser and the web servers. |  | FoxyProxy Advanced proxy management tool. | |
 | Proxy Tool Powerful, yet User-friendly proxy tool to manage your proxies and anonymity needs, including: 46M+ user agents (world’s largest), 10 different spoofed HTTP referrers, auto-proxy rotation, plus many more. |
Here is another video describing the tools and utilities of MANTRA :
Don't Forget to comment below and Subscribe and Like :D PEACE
No comments:
Post a Comment