Saturday, 27 April 2013

Testing with Firefox Add-ons


Open Source Firefox Web Browser offers free and purchasable add-ons - Install and use it for Testing the Web Applications and do more with it. 



Image Courtesy: https://addons.mozilla.org/

1) Tamper Data
Used for web security/penetration testing.
Install this feature and tamper the data/request/cookies being sent to the server.
Check for client side and server side validation. Validate input fields with valid and invalid data and posted messages.


2) DoNotTrackMe
Many sites are tracking user's web activity, if you had like to obscure your activity on the web. Go for this.
DoNotTrackMe does not ensure to obscure your web activity wholly. It checks against a list of sites and blocks them for you.

Who will track your web activity?
Hosts of tracking companies and social networking sites.
What would they do with this data?
Use it to provide you suggestions/recommendations.
Misuse it to sell you something or sell the data.

3) Ghostery
Provides the user with the option to block or unblock the tracking sites.
You would want a tracker to track your web activity on a website and not track you on another.
You could white list websites that which you had frequently visit and trust.

The above two add-ons identifies the web trackers and blocks/unblocks them.


4) HTTPS Everywhere
Install this for an extra layer of privacy and security. Those sites that have implemented HTTPS [HTTP over secure socket layer] are eligible.
Anyone listening at port 80 can receive the requests made using HTTP and which could be altered.
Consider having HTTPS everywhere, HTTPS provides encryption and listens at a different port 443.
HTTPS Everywhere blocks IFRAMES.
https://encrypted.google.com/ does not permit cross-origin framing.


5) NoScript
You would want to have this add-on installed. It is nice in a way that it would block all scripts from running. Unless allowed on a page.
Consider having it installed and doing the initial research on allowing temporarily, disallowing or forbidding a site from running scripts.
Set up the list of web pages that you wish to allow/disallow from running the scripts.

NoScript provides the user with Warning on potential click jacking/UI redressing attempt.

Disallow IFRAMES with NoScript Options.


Add your list of white listed web sites.


6) FireShot
An add-on for Firefox and compatible with other browsers, that helps the users  to capture the whole of the webpage, edit, save and share it.


7) Memonic
Install this to capture and clip a certain section in a webpage. Clip it, save and share it via Email, Facebook and/or Twitter.
The above two add-ons can be used for bug reporting for web applications.
Will have to login to start using this add-on.
With Memonic, cannot capture a popped up window.

8) iMacros
iMacros can be used for Automating, for checking and for security testing and to create load on a web server, for the purpose of load testing.
Record the actions of a webpage and run it in loops for creating users, subscribing for newsletters, adding friends, sending invites and other actions that you want to perform on a daily basis like firing up all the bookmarked webpage’s.

9) Firebug
For Rapid software testing:
When testing if you would want to edit html, CSS and view how the website would look, work without the hassle of firing up a different app to view and edit the html code and style sheet. Test the website better with Firebug for usability, performance and user experience testing.

10) Yslow
The add-on Yslow provides the user with a host of guidance to enhance the performance of a webpage.
Run this for blogs, small or large website and improve the performance of the website.
Prior to installing/adding any of the add-ons to the browser check if it is compatible to your browser and its version.

For hassle free and safe browsing log on to https://addons.mozilla.org/ Look for and update the latest available add-on.  
Happy and safe Browsing :)


Firefox add-ons can be used in a variety of ways. Readers, let me know how you use the above and other add-ons to test.

2 comments:

Teme said...

I'd add Web Developer. You can check what is inside the forms without reading the source, modify form content easily etc. It also shows different kind of information about page, and you can disable e.g. cache from drop down menu.

Jyothi R said...

Hi.
Teme.

I got the Web Developer add-on added to the Firefox browser.
Have tried using the scratchpad and the Developer toolbar. Got to explore and learn.
Thank you for the suggestion.