Top 10 Browser Extensions for Hackers & OSINT Researchers [Tutorial]

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
we've had a lot of comments on our YouTube channel asking about the browser extensions I use a lot of these are useful both for hacking and for Osen investigations and today we'll break down ten categories of my favorite browser extensions on this episode of cyber weapons Bob [Music] [Applause] [Music] for hackers or Osen researchers it's essential to be able to control your browser this means being able to pull more information out of websites like clues about eggs of data or location information and also be able to control what your browser puts out which could be identifying information that tips off the person you're looking into now this functionality can be expanded with browser extensions both were Firefox and Chrome and this allows us to pick and choose what we want to do with our browser rather than just going with the default settings now there are different ways of doing this and the most private way is to create a virtual machine and then within that have a browser with a bunch of different extensions in order to make sure your system isn't leaking information now the best operating system I found for this is busca Door OS so it's one of the ones we'll be covering today however the majority of the extensions that are available in that are also available in your normal everyday browser now because we've got a lot of questions about this in the YouTube show I'm gonna break this down into ten categories and go through why I think each one is valuable and how it can help even investigator an investigator or a hacker who's looking to use their browser in some interesting ways now this will range everything from forensic investigation tools that allow us to go back into the history of a website or copy it so that we have a forensic record all the way into doing things like maybe getting a different version of a website by spoofing our user agent and pretending that we are device that we're not now in order to follow along with this you'll just need a browser and an internet connection so as soon as you have both of those ready then we're ready to begin now I wanted to break this down into ten useful categories that will work across not just Chrome but also Firefox and other browsers you might be using now these are kind of general categories but I will show you some specific examples and we'll take a look at different ways that we can use them aside from just adding them to your existing browser now the first I want to point out and probably the most secure is to download a virtual machine that already has these set up and one of my favorites is busca Door OS which you can find on the Intel techniques website now Mike Gesell is really awesome about having these pre-installed and allows us to just kind of run this on a virtual machine and then have all the benefit of having it set up by an expert and it includes an underling custom scripts that he wrote but also some generally useful browser extensions that collect forensic evidence and assist during Osen investigations now for a hacker this is perfect because it not only protects your anonymity by allowing easy access to tools like tor it also allows you to have all these things plugged in in a disposable format so you can just spin up a operating system do whatever you need and then destroy the virtual machine when you're done with it now if you don't want to do that let's step through a couple different things we can do in order to make this process of using a browser more interesting and more secure and the first thing starts with controlling the input and output of the browser now what I mean by that is the browser input is the way that a website will be rendered and we can control this by maybe requesting a different version of the website let's go to the Pasadena Humane Society and we can see that if we change our user agent it will actually sometimes render us a different version of the website now I don't know if it will with this looks like it's not too reactive but if we were to go to something like Reddit and then this is the normal site refresh it we should start to see some subtle differences when we start to go to a mobile device yep and a tablets and stuff like that so the reason for that is because when we're sending out a request we're also including information about our browser and we can get different responses based on the way that we're presenting ourselves so by controlling the way our browser is expressing itself to the server and saying basically what it is and what kind of information it needs to properly display the website we can influence what comes back and this is useful for for example maybe bypassing a paywall on a an article or news website where they allow things like a Bing spider which indexes things for search results to go through when they would otherwise kind of bar general user agents from getting in so if I set this to Google spider then a lot of the time it will allow us to get into things that normally would not be accessible although in this case it looks like the opposite because reddit's trying not to be indexed in that way so all right let's take a look at the various things we can take a look we can do with the browser and the first thing is when we're talking about output preventing ourselves from being tracked as we go to various websites with tools like you block origin and privacy badger now these privacy focused tools keep an eye on the requests that are going out and also mitigate some of the technologies that we covered with tools like canary tokens or grab a file that allow us to track people who go to certain links while this can't prevent you from being tracked over like absolutely everything and there are some other technologies and techniques out there to identify you these are a good first step to prevent unnecessary tracking from the websites you visit and will not only tell you about the different extension different advertisers and links that are being blocked but also give the ability to turn this off if it is really breaking a particular website you need to have working now all right let's say we're an investigator and we want to see an earlier version of this website or some other website let's go to PBS new PBS KIDS that sounds fun alright so if we go to this website we might want to see an earlier version of this and I'm gonna go ahead and turn off our user agent spoofer so it doesn't render out a weird version and if I wanted to see what this website looked previously maybe the owners of the website had put up some more personal information and then realized they should take it down later or something like that we can go back in time with extensions that allow us access to services like the Internet Archive or other archive versions of the website now the Internet Archive allows us to go back and find specific instances of where this has been archived and we can see all the way back to 2004 there are some versions of the website that are apparently archived and here we go we can see a really super old version of PBS KIDS all the way back from 2004 so because this might include some interesting information maybe about the organization of PBS back then who was in charge that might not be available on the current Internet we have access to previous versions of the Internet right from your browser now I think this is really cool and there's versions for about Firefox and Chrome so if you're interested in this sort of thing you can go ahead and find it both in Firefox and in Chrome as extensions and add-ons now the next thing I want to go over is XF data and there are some extensions that allow you to pull this information so that you can find out maybe where a photo was taken or if a particular person is in a is using that type of equipment that's easily identifiable now this is just a photo bucket random feed and I have no idea what these were taken on or where they were taken but if we just click on this and then see the raw photo in general these extensions allow us to begin pulling more information from the raw image file that can identify maybe where it was taken or what it was taken with now if I click on show exif data I can see from this random picture we just see a little bit of color information so if we see click on recent uploads let's see if we can find a photo with some exif data as an example maybe a little further on so here I'm gonna click on this picture of any aircraft and if I right mouse click and then show exit data then I can see that this was shot with a Fuji finepix s 5000 which is pretty incredible because I can also see it was shot in 2009 so this is an old picture I can see the exact exposure time f-stop and all the other information of the camera when it was taken and this and other information can allow me to see it even comes with a photo of the camera can allow me to identify things like maybe who took it or where it was taken although we don't have GPS information in the specific instance now the next thing that I'm going to cover is the technology profiler so if I wanted to assess an organization to see how tech-savvy they are a lot of it comes down to what technology they're using to create and maintain their website now very small organizations might use preset tools or really cheap free options like a wordpress or something like that or Wix or one of those site builders whereas a more well-funded organization might have custom infrastructure and use more kind of niche providers so if you want to find that out we can use an extension like built with now built width is also a tool that allows us kind of command line abilities and we can even use it in something else like multigo although I find it especially useful if we want to just do a drive-by on a website and find out exactly what they're using we can see all the analytics and tracking they're using and then the underlying technology that's allowing the website to function so here you can see amylose of tracking frameworks we can see they're using Ruby on Rails JavaScript libraries they're using jQuery we can see their web hosting providers Amazon they're using Apache this is a lot of information and again this is just from a browser extension we can go to any website and see the underlying technology that's running it just by clicking on this little link so for somebody who's looking at either infrastructure to attack or we want to just look and see is this the big business or small business this is useful for just about everyone in my opinion now the next step is a video downloader and this can be either for archiving a bunch of videos offline preserving forensic evidence or otherwise making sure you have a copy of something that might otherwise be taken down now there are a variety of different tools for this but this one in particular the one-click video downloader is a really good way to use a variety of different tools to download videos that might be of interest in an investigation or a pen testing kind of engagement now we aren't on a website with videos right now but if we were to go to something like YouTube and allow it to load then we should get the option to bulk download videos if there's multiple ones available or otherwise be able to retain them now that's pretty useful and I can see that it doesn't allow us specifically to do from YouTube but there's a lot of other videos you can download with it so I recommend these sorts of extensions if you want to be able to backup videos that you find online so next up is being able to access SSH devices now I've covered this before but I wanted to throw it in because if you're just on some random computer and a library something and you want to access your Raspberry Pi you can just SSH into it using this SSH extension now it's called the secure shell extension and you can just SSH routes x1 92168 0 9 probably not but as you can see it does a good attempt and all of a sudden we are in a shell attempting to connect to some other SSH device on the network without even needing to install anything fancy so if you just happen to have access to a computer with Chrome you can just slap on this extension and then start logging into random devices on the network whether or not you have a actually access to a command line at all so that's super super cool now if you have a computer and you want to mix in the traffic that you're actually using with a bunch of random stuff so it's more difficult for an Internet service provider or anyone else for that matter to start building a profile on you way of doing that is using chaff now you can just click on chaff and we'll start navigating to random different websites which is a way of just introducing a bunch of white noise and kind of throwing it a bunch of websites into the mix that you didn't really download and it's generally also very good about not going to anything too outrageous or something that you know would get you into trouble now chaff is a way that you can introduce enough noise that it throws off statistical models of maybe what you're interested in and makes the information less valuable and less useful for advertisers and other people trying to track you in automated ways now finally we're going to go into capturing data and one key way of doing that is being able to download an entire webpage so you have access to it maybe if the person decides to take it down or otherwise make it not available now I'm going to step into our busca door OS because there's more ways of doing that here than anything else that I've seen and within the browser extensions that they include in Firefox one of my favorite is Nimbus capture video download helper as we covered before and then fire shot capture now if you want to capture something like this website here we can either choose the visible part of the page a fragment the selected area or the entire page and we can even add annotations and then add it to a cloud account which is super cool if we're looking for evidence or were maybe scanning for I don't know let go of vulnerability in a website and we want to share amongst team members now we can also see fire shot is a way of doing that too I believe for this one we can just right mouse click to use it Oh both of them actually so if we want to do fire shot we can right mouse click it capture the entire page and often this well put like a - a PNG or something like that that's really really easy to take notes on and share between teams so finally on my actual browser a lot of the times I'll want to take advantage of something like an API an API is can return back JSON data which is not very nice to look at and can be really annoying so I like to format my data with things like pretty JSON or other tools that allow me to make queries to JSON data sources and the nice thing about this sort of thing is that allows us to directly access API s and start querying data in a way that is useful so you might ask well what's the purpose of this and one of them is data gov which has tons and tons and tons of information that you can build into programs and other sorts of queries and knowing how to query that data is a powerful way of doing Osen investigations when you find yourself facing access to a rich source of information that only comes back in JSON so here's some voter registration data you can see this initial view is not particularly pleasing to look at but I think after this exhausting amount of JSON data loads I should be able to format it a little more nicely let's see [Music] there we go and this is the way that the data will be formatted to look a little bit more nice and this one's called awesome JSON so these are different tools you can use to expand expand the experience of using a browser and I'm gonna throw in a couple extra just because I want to and there are some additional things out there if you're having trouble loading websites you also can include browser extensions to block images which means they'll load faster and honestly if you don't need the images or if they're just a bunch of advertisements or if you're on load bandwidth this can increase what you can do i also recommend using tools like grammerly to hide any spelling mistakes you might make persistently because those sorts of things can identify you if you do them all the time so catching your own mistakes is an important part of staying anonymous finally I highly recommend a password manager like LastPass or something that allows you to use secure passwords across your accounts because otherwise you're going to pick passwords that are really difficult to remember or are too easy to remember because they're too easy and it can be easy to have your accounts compromised because you have no real system of being able to keep track of secure passwords LastPass and other different password managers will allow you to generate secure passwords and also do things that keep track of master passwords so you don't need to keep all them at kind of memorized and that encourages people to use stronger passwords across their accounts which again is kind of the point of all this all these together will allow any hackers or people with privacy in mind to be able to use browsers to better effect and for whatever it is they want to do browser extensions allow you to expand the functionality of any browser you might happen to be using although you are concerned about your privacy I recommend using a virtual machine like busca de ouro os in VirtualBox to create a virtualized version of your operating system instead this means that you might not leak details about your operating system that otherwise could slip through and we'll provide you an extra layer of anonymity if you want to truly remain private if you have any more questions you can check out intel techniques comm for more information about busca door OS or check out the null byte article linked in the description that's all we have for this episode of cyber weapons lab make sure to LIKE comment and subscribe and if you have any thoughts or ideas for future episodes send me a message on Twitter because I'd love to hear from you we'll see you next time you
Info
Channel: Null Byte
Views: 354,655
Rating: undefined out of 5
Keywords: wht, wonderhowto, nullbyte, null byte, hack, hacking, hacker, hacks, hackers, how to hack, howto, how to, tutorial, guide, cyber weapon, cyber weapons, cyber, OSINT, OSINT Researchers, Broswers, Chrome, Firefox, Buscador, top 10, top 10 browser extensions, Browser Extensions, buscador, buscador os, virtual machine, vm, virtualbox, extensiion, add-on, mozilla, google, web browser, research
Id: F3tJUNHbwnA
Channel Id: undefined
Length: 18min 47sec (1127 seconds)
Published: Fri Jun 28 2019
Related Videos
HakByte: How to find anything on the internet with Google Dorks
Hak5
929K
Best WiFi Hacking Adapters in 2021 (Kali Linux / Parrot OS)
David Bombal
497K
Intercept Images from a Security Camera Using Wireshark [Tutorial]
Null Byte
807K
Aaron Jones: Introduction to Shodan
Brian Cluff
182K
102 Deep Dive in the Dark Web OSINT Style Kirby Plessas
Adrian Crenshaw
32K
Find Information from a Phone Number Using OSINT Tools [Tutorial]
Null Byte
4.4M
Hacking a Samsung Galaxy for $6,000,000 in Bitcoin!?
Joe Grand
2.7M
Hack like Mr Robot // WiFi, Bluetooth and Scada hacking
David Bombal
1.4M
Catch Catfish on the Internet with Grabify Tracking Links [Tutorial]
Null Byte
633K
Use Your Home PC from ANYWHERE???
Kalos Likes Computers
552K
Find Vulnerable Services & Hidden Info Using Google Dorks [Tutorial]
Null Byte
1.7M
AI is Evolving Faster Than You Think [GPT-4 and beyond]
ColdFusion
1.6M
AI in Your Web Browser is a GAME CHANGER | Microsoft Edge
Kevin Stratvert
142K
HELP!! (for when you suck at Linux) // Linux for Hackers // EP3
NetworkChuck
667K
Use Skiptracer to Gather License Plate OSINT Data [Tutorial]
Null Byte
133K
Search for Vulnerable Devices Around the World with Shodan [Tutorial]
Null Byte
470K
DON'T USE GMAIL unless you make these 5 Critical Security Changes
All Things Secured
296K
Top Hacking Books for 2023
David Bombal
241K
Complete ChatGPT Tutorial - [Become A Power User in 30 Minutes]
Santrel Media
785K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.