Firefox for Pentester: Privacy and Protection Add-ons

In today’s article, we will learn how to protect ourselves online. Firefox is a web browser developed by Mozilla. With its latest Quantum update, it offers improved speed and a unique design. Firefox is user-friendly and customizable, and it is the go-to browser for penetration testers and security analysts. It has various add-ons that help protect us online and give us some privacy in the post-Snowden era. The internet is a big unknown and hard to trust. Every month or so there are data breaches and malware attacks such as ransomware, and beyond these you are never fully secure. Various websites poach your data, personal information, etc., and accidentally stumbling upon an ad can leave you bombarded with it. If you are looking to get away from all this, then this article is the answer for you. But before we talk about the various add-ons that help us stay protected, we will talk about profiling in Firefox.

Table of Content:

  • Profiling in Firefox
  • Plug-ins
    • uBlock Origin
    • uMatrix
    • HTTPS Everywhere
    • Privacy Settings
    • NoScript Security Suite
    • Privacy Badger
    • Decentraleyes
    • Terms of Service; Didn’t Read
    • Snowflake
    • Temporary Containers

Profiling in Firefox

In Firefox, you can create several customizable profiles according to your needs. For instance, you can have one profile for research purposes and another for VAPT. Creating these profiles is convenient and quite easy. To create a profile, open your Firefox browser and type “about:profiles” in the URL bar. Then simply left-click on “Create New Profile”, as shown in the image below:

Once you click on “Create New Profile”, a dialogue box will open. Fill in the name of the profile you want; here we gave “Research_division”. After that, click on the “Finish” button and the profile will be created.

Similarly, you can create as many profiles as you want with different names depending on your needs. In the image below you can see that we have created yet another profile by the name of Privacy and Protections. The default location of every profile in Windows is C:\Users\%username%\AppData\Roaming\Mozilla\Firefox\Profiles, and in Linux the Privacy and Protection profile is stored under /root/.mozilla/firefox/ (as shown in the image below), but you can always change the location as you wish.

Both of our profiles are created as we wanted with individual personalization, just as shown in the image below. These profiles separate all the information, plug-ins, and settings from one another. Once all the profiles are created, Firefox gives you the option to set a profile as default or to launch it in a new browser window. You can also rename or remove the profiles. It also gives you an option to directly open the directory where the profiles are located. You will find both the root directory and local directory paths there.

Plug-ins

uBlock Origin

uBlock Origin was created by Raymond Hill. It is an open-source extension. It blocks advertisements in general, and especially the ones that can potentially be malicious. It even filters out the URLs of advertisements that use trackers to follow your preferences and information. The major feature of this ad blocker is that it even blocks the latest tracking techniques, such as CNAMEs. When you move from website to website, uBlock Origin stops one website from sharing your data with another. This kind of data sharing between websites is harder to pinpoint with other ad blockers, where the issue remains, but with uBlock Origin it is not a problem. Along with all this, it also blocks pop-ups, cosmetic ads, and remote fonts, and can even disable JavaScript. As a bonus, it removes YouTube ads too.
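Why CNAME-based tracking defeats a check on the URL alone, as an added example (a simplified illustration, not uBlock Origin's own code): the request goes to a subdomain of the site you are visiting, and only the DNS alias chain reveals the tracker behind it. The DNS records, the blocklist and all domain names below are constructed for the demonstration.

```javascript
// Constructed sample data: CNAME records as a resolver would return them.
// All names are made up (reserved .example domains).
const CNAME_RECORDS = {
  "metrics.shop.example": "shop-example.collector.tracker.example",
  "shop-example.collector.tracker.example": "edge7.tracker.example",
  "static.shop.example": "shop.cdn-host.example",
  "loop-a.shop.example": "loop-b.shop.example",
  "loop-b.shop.example": "loop-a.shop.example",
};

// Constructed filter list: each entry covers the domain and its subdomains.
const BLOCKED_DOMAINS = ["tracker.example"];

// True when host equals domain or is a subdomain of it.
function matchesDomain(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// Follow the CNAME chain from host, stopping on a loop or after maxHops.
function cnameChain(host, records, maxHops = 8) {
  const chain = [host.toLowerCase()];
  const seen = new Set(chain);
  while (chain.length <= maxHops) {
    const next = records[chain[chain.length - 1]];
    if (!next || seen.has(next)) break;
    chain.push(next);
    seen.add(next);
  }
  return chain;
}

// urlOnly:   verdict when only the hostname in the URL is checked.
// uncloaked: verdict when every name in the CNAME chain is checked.
function classify(host, records = CNAME_RECORDS, blocked = BLOCKED_DOMAINS) {
  const chain = cnameChain(host, records);
  const hit = (h) => blocked.some((d) => matchesDomain(h, d));
  const matchedOn = chain.find(hit) || null;
  return { chain, urlOnly: hit(chain[0]), uncloaked: matchedOn !== null, matchedOn };
}

for (const h of ["metrics.shop.example", "static.shop.example", "loop-a.shop.example"]) {
  const r = classify(h);
  console.log(`${r.chain.join(" -> ")} | url-only: ${r.urlOnly} | uncloaked: ${r.uncloaked}`);
}
```
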

To add this extension, open Firefox and search for it in the add-ons store. On the extension’s page, click the “Add to Firefox” button, then click “Add” in the pop-up dialogue box, as shown in the image below. The extension is then added to your browser, and you can customise its settings from the extension widget to the right of the URL bar.

uMatrix

uMatrix is an add-on created by Raymond Hill as well. It was developed to let you easily control your web content, i.e. you decide what loads in your browser and what does not. This add-on works like a firewall: it prevents websites from using your cookies and protects you from malware, trackers, bloatware, etc. An important thing to remember is that, because this add-on blocks trackers and stops unnecessary code from executing as pages load, it increases internet and page load speed. Even the bandwidth consumption improves. uMatrix takes a precautionary approach and blocks third-party domains, which makes some sites difficult to access, but that can be adjusted depending on your needs. Things that you can control via uMatrix are:

  • Cookies
  • CSS
  • Image
  • Media
  • Scripts
  • XHR
  • Frame

To add this extension, open Firefox and search for it in the add-ons store. On the extension’s page, click the “Add to Firefox” button, then click “Add” in the pop-up dialogue box, as shown in the image below. The extension is then added to your browser, and you can customise its settings from the extension widget to the right of the URL bar.

HTTPS Everywhere

There is a multitude of websites all over the internet that do not have SSL layer protection. Almost all of these are used as a decoy to hack or are themselves prone to Man In The Middle (MITM) attacks. While surfing the web, you can never be sure which website is which and whether it is safe to browse. HTTPS Everywhere is the answer to this problem, as it protects you from such online threats. This browser extension provides you with an SSL/TLS layer of protection across the internet. This layer of protection encrypts whatever information is sent to or received from the website, which keeps your data safe from attacks like spoofing, sniffing, MITM, etc.

To add this extension, open Firefox and search for it in the add-ons store. On the extension’s page, click the “Add to Firefox” button, then click “Add” in the pop-up dialogue box, as shown in the image below. The extension is then added to your browser, and you can customise its settings from the extension widget to the right of the URL bar.

Privacy Settings

This extension is developed by Jeremy Schomery. It is the most convenient extension, as it brings all the privacy settings together in one place. All the settings can be adjusted from the extension’s pop-up menu, which has a tool panel for all our preferences. To provide you with privacy, this extension makes sure that no data is sent to a third-party website.

To add this extension, open Firefox and search for it in the add-ons store. On the extension’s page, click the “Add to Firefox” button, then click “Add” in the pop-up dialogue box, as shown in the image below. The extension is then added to your browser, and you can customise its settings from the extension widget to the right of the URL bar.

NoScript Security Suite

NoScript Security Suite is developed by Giorgio Maone. It is referred to as a suite because it provides various security measures for both developers and security analysts. Many security analysts argue that, to be entirely secure, disabling JavaScript in the browser is an important practice. There are few but major browser vulnerabilities that exploit JavaScript to attack the target. Almost all websites try to secure themselves against these vulnerabilities, but one can never be too sure. It’s a fool’s errand to be entirely dependent on others for your protection, so protecting yourself from your own end matters too, and this extension helps us achieve that. NoScript makes controlling and disabling JavaScript as easy as possible. Many people will point out that today’s browsers already provide an option to disable JavaScript, so why do we need this extension? The point to note is that this option is limited (the limitation depends on the browser) and you cannot control it as you can with NoScript. This extension actively blocks executable content which is dismissed all over the world. It also provides security against known security exploits. Most importantly, it offers client-side protection against cross-site scripting (XSS) and HTML injection, as it identifies the malicious request and neutralizes it. This extension also brings the Application Boundaries Enforcer, which works like a firewall whose policies can be defined by the user. It guards the entry point of the browser, which in turn helps keep the user safe from attacks like CSRF and DNS rebinding. Anti-clickjacking and HTTPS enhancement are also provided by this extension.

To add this extension, open Firefox and search for it in the add-ons store. On the extension’s page, click the “Add to Firefox” button, then click “Add” in the pop-up dialogue box, as shown in the image below. The extension is then added to your browser, and you can customise its settings from the extension widget to the right of the URL bar.

Privacy Badger

This add-on is developed by EFF Technologists, and they have done amazing work with it. While surfing the internet, privacy is a must. But there is a swarm of tracking ads, clickbait ads, etc. online that interrupt your smooth surfing and bait you into falling victim to them without even knowing. The worst part is that there is hardly a way to find out whether you are being tracked or not. We can only spot the evidence: if you search for something online, be sure as hell that you are going to see ads about it for a long time, and that is online tracking. This is where the Privacy Badger extension comes in handy. It is praised because it blocks cookies that track you even if you delete them, and it blocks third-party tracking too. Some third-party domains are required for a site to load, for example for maps, images, etc. Here, the tool analyzes them, allows the necessary resources, and disallows the tracking cookies and referrers. Cookies that have a tracking ID or are hidden are not allowed by this add-on. It even identifies supercookies that keep track of you. The add-on works in incognito mode as well and allows you to whitelist domains, so that if you want to allow a tracking domain you can do so as required. This tool works by identifying each domain’s behaviour, and it also has a yellow list. This yellow list contains the names of the websites that are surely collecting your data and tracking you.

To add this extension, open Firefox and search for it in the add-ons store. On the extension’s page, click the “Add to Firefox” button, then click “Add” in the pop-up dialogue box, as shown in the image below. The extension is then added to your browser, and you can customise its settings from the extension widget to the right of the URL bar.

Decentraleyes

Decentraleyes is developed by Thomas Rientjes. This is a wonderful add-on and a must-have if you are serious about privacy and protection. Usually, while browsing the internet, you are connected to public Content Delivery Networks (CDNs). This connection gives you access to the JavaScript libraries that are needed for content to load on a webpage. Being constantly connected to public CDNs is insecure in terms of privacy and tracking, and it’s a pickle because you can’t surf the net without such libraries. Decentraleyes is the solution to these problems. To serve you with its motto of privacy and anti-tracking, Decentraleyes takes the necessary libraries and stores them on your local machine. This way, when you are online, you don’t need to be connected to public CDNs, as you can use the local copies. The fourteen JavaScript libraries provided by Decentraleyes are:

  • AngularJS
  • Backbone.js
  • Dojo
  • Ember.js
  • Ext Core
  • jQuery
  • jQuery UI
  • Modernizr
  • MooTools
  • Prototype
  • Scriptaculous
  • SWFObject
  • Underscore.js
  • Web Font Loader

The networks supported by this extension are as follows:

  • Google Hosted Libraries
  • Microsoft Ajax
  • Cloudflare
  • JSDelivr
  • Yandex CDN
  • Baidu CDN
  • Sina Public Resources
  • UpYun libraries

It works by analyzing HTML code. After studying the HTML data, it takes the references to public CDNs and swaps them with the local copies that it provides. This way the request to the external CDN is never sent from the browser. Hence, the CDNs can’t track your online activity or access your data.
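The substitution step described above, as an added example (not Decentraleyes' own code): a request URL pointing at a supported CDN is matched against that CDN's path layout and, if that library version is available locally, answered from a local file instead of the network. The bundle contents, the `resources/` path and the sample URLs are assumptions made for illustration.

```javascript
// Constructed stand-in for the libraries shipped with the extension ("name@version").
const LOCAL_BUNDLE = new Set(["jquery@3.5.1", "mootools@1.6.0"]);

// Path layouts of three CDNs from the list above; each regex captures
// library name, version and file name.
const CDN_PATTERNS = new Map([
  ["ajax.googleapis.com", /^\/ajax\/libs\/([^/]+)\/(\d[^/]*)\/([^/]+\.js)$/],
  ["cdnjs.cloudflare.com", /^\/ajax\/libs\/([^/]+)\/(\d[^/]*)\/([^/]+\.js)$/],
  ["cdn.jsdelivr.net", /^\/npm\/([^@/]+)@(\d[^/]*)\/(?:.+\/)?([^/]+\.js)$/],
]);

// Return the local path that can answer this request, or null when the
// request has to go out to the network.
function resolveLocal(requestUrl) {
  let url;
  try {
    url = new URL(requestUrl);
  } catch {
    return null; // not a valid absolute URL
  }
  if (url.protocol !== "https:" && url.protocol !== "http:") return null;

  // Exact host match only, so look-alike hosts are never treated as a CDN.
  const pattern = CDN_PATTERNS.get(url.hostname);
  if (!pattern) return null;

  const m = pattern.exec(url.pathname);
  if (!m) return null;

  const [, lib, version, file] = m;
  const name = lib.toLowerCase();
  // Only an exact version match is served locally; anything else would
  // change what code the page runs.
  return LOCAL_BUNDLE.has(`${name}@${version}`)
    ? `resources/${name}/${version}/${file}`
    : null;
}

// Classify a page's script URLs: which stay local and which still reach a CDN.
function planRequests(urls) {
  return urls.map((u) => {
    const local = resolveLocal(u);
    return { url: u, action: local ? "local" : "network", target: local || u };
  });
}

// Constructed sample requests.
const SAMPLE = [
  "https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js",
  "https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js",
  "https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js", // version not bundled
  "https://ajax.googleapis.com.cdn.example/ajax/libs/jquery/3.5.1/jquery.min.js", // look-alike host
];
for (const p of planRequests(SAMPLE)) console.log(p.action.padEnd(8), p.target);
```

Requests reported as `network` are the ones a CDN can still observe, which is why coverage depends on the versions in the local bundle.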

To add this extension, open Firefox and search for it in the add-ons store. On the extension’s page, click the “Add to Firefox” button, then click “Add” in the pop-up dialogue box, as shown in the image below. The extension is then added to your browser, and you can customise its settings from the extension widget to the right of the URL bar.

Terms of Service; Didn’t Read

Terms of Service; Didn’t Read is a browser extension developed by Abdullah Diaa, Hugo, and Michiel de Jong. The name of the extension is a wordplay on the phrase “Too long; Didn’t Read”. This is the simplest and yet most important extension. When it comes to the Terms of Service of a website, nobody wastes any time before clicking “I Agree” or “I Accept”. The sheer quantity and complexity of the text confuse everybody. We all do it, but none of us has the tiniest idea what we are agreeing to. Hence, this extension. This add-on comes in handy as it grades the Terms of Service provided by various websites. These grades run from A to E, where A is best and E is worst. It also reviews the privacy policies as positive, negative, or neutral. After learning the gist of the Terms of Service through this extension, it is wholly up to the user whether to access the website or not. The purpose of this add-on is to make users aware of the authenticity of the sites they are using and let them know about the policies and what they are agreeing to, so they can form an opinion and decide whether they want to continue or not. According to us, this is a must-have extension, as new cases of exploitation through Terms of Service, in the form of identity theft, data collection, access to personal information, etc., are unveiled every other day.

To add this extension, open Firefox and search for it in the add-ons store. On the extension’s page, click the “Add to Firefox” button, then click “Add” in the pop-up dialogue box, as shown in the image below. The extension is then added to your browser, and you can customise its settings from the extension widget to the right of the URL bar.

Snowflake

The Snowflake extension is created by The Tor Project. It was developed to give easy access to the Tor network after governments banned Tor bridges. As it uses the Tor network, it allows you to be anonymous on the internet, all the while protecting your data and identity. This browser extension allows you to tap into the Tor network through a proxy, and this network has multitudes of servers. The entry points to these servers are known as Tor bridges, and there are Tor relays too, which bounce the traffic and help one stay anonymous for as long as they are surfing. As it allows you to stay anonymous, you are protected against tracking and your data cannot be collected. It also helps with hiding your IP address.

To add this extension, open Firefox and search for it in the add-ons store. On the extension’s page, click the “Add to Firefox” button, then click “Add” in the pop-up dialogue box, as shown in the image below. The extension is then added to your browser, and you can customise its settings from the extension widget to the right of the URL bar.

Temporary Containers

When you browse the internet traditionally, the browser saves all your cookies and cache in a single place. This makes it easy for others to steal our data, intrude on our privacy, and track us. But if you contain all this separately, the problem is solved, and that is possible with Temporary Containers. It allows you to create a container through which you can surf the internet without worrying about being tracked. The containers created by this extension are secluded, as the aim is to segregate their data from the rest of the browser. These containers are the same as the basic profiling provided by Firefox (as mentioned at the start of this article). By combining profiling with the Temporary Containers extension, your browser creates a safer and more secure environment for surfing the internet, as each container, along with its data, is removed when its last tab is closed. Both automatic and manual modes are supported.

To add this extension, open Firefox and search for it in the add-ons store. On the extension’s page, click the “Add to Firefox” button, then click “Add” in the pop-up dialogue box, as shown in the image below. The extension is then added to your browser, and you can customise its settings from the extension widget to the right of the URL bar.

Conclusion

Major social media, shopping websites, and other webpages track you through your likes and dislikes, along with your location. They maintain a log of your every online activity. They even track the things that you start to write but do not post, in order to track your self-censorship. And these are just a few of the things that we have mentioned. To get a better sense of internet tracking, you can read this article here. By using all these add-ons, you can be safe and secure online, with quick and secure internet access and amplified protection.

All of these add-ons are open source and free to use. They are trustworthy add-ons that provide security and privacy to anyone using them. The best thing is that all of them can be customised to the user’s needs and requirements. Using these extensions consciously and properly will make you non-existent as far as online tracking goes.

Author: Yashika Dhir is a Cyber Security Researcher, Penetration Tester, Red Teamer, Purple Team enthusiast. Contact her on Linkedin and Twitter