Hacker, Researcher and Author.

How To Use Google Chrome For Hacking?

Up till now, firefox was widely used by hackers and pentesters for their day to day job due to tremendous plugins that would make their work much easier for them. However now a days i prefer google chrome more than firefox, due to wide variety of interesting extensions that may provide a great aid in hacking and pentration testing.

Their are lots and lots of google chrome extension that can be used for hacking, however i have complied a list of my favorite ones, which i use frequently in order to test different types of web applications for security vulnerabilities.

How To Use Google Chrome For Hacking - Extensions

XSS Rays

Xss rays would certainly be at the top of my list,  XSS rays includes a scanner, XSS reverser and a DOM inspection tool. Although it does makes the browser a bit unstable when you are performing heavy scans, However it's really handy in detecting XSS attacks. It's a perfect replacement to XSSME that is used in firefox for detecting XSS attacks.

Official Description

XSS Rays is a security tool to help pen test large web sites. It's core features include a XSS scanner, XSS Reverser and object inspection. Need to know how a certain page filters output? Don't have the source? No problem. XSS Rays will blackbox reverse a XSS filter without needing the source code.

Websecurify Scanner

Websecurify Scanner is a really powerful scanner capable of detecting lots of web application attacks. Although it generates lots of false positives, mostly related to CSRF attacks. However it's really handy in detecting XSS attacks. It's fully awesome automated and very user friendly.


1. All you need to do is to install the websecurity scanner from the link above and visit the following page:


2. Just enter the URL and it will automatically start scanning.

HPP Finder

HPP finder is capable of easily detecting Http Parameter Pollution attacks. HTTP Parameter Pollution is newest type of web application attacks, Their is not very much information available on it as compared to other attacks such as XSS, SQL injection. However the one that's available is very handy.

Official Description

HTTP Parameter Pollution (HPP) is a recently discovered web exploitation technique. Please read the NDSS 2010 paper for more details about the technique. HPP Finder is a Chrome extension designed for detecting HPP attempts. HPP Finder can detect URLs and HTML forms that might be susceptible of parameter pollution, but it is not a complete solution against HPP.


XSS Chef is a perfect replacement to BEEF (Browser Exploitation Framework) for google chrome, XSS chef will ease your exploitation process. I will write a complete tutorial on it.

Cookie Editor

Cookie Editor is a very useful google chrome extension for hackers, I mostly use it, when i am performing session hijacking attacks.

I hope you have liked my list of favorite google chrome extension for hacking, Depending upon the response, If i get more than 25 comments on this post, I will write up a part 2 of this post "How To Use Google Chrome For Hacking".

Feel free to ask, if you have any questions.


  1. Really Nice Article btw i feel when install more Extensions to chrome it takes More RAM usage so better to avoid rather than adding all unwanted plugins

    Final Touch was pretty nice =) u want me to Spam Here ??? =:)
    Waiting for the 2nd Part ^_0


  2. Awesome Info thnks alot RF

  3. Awesome post Thanks for sharing this :)

  4. thnx for sharing this trick...
    Learn Free Hacking, Computerz n Internet Tricks... : http://ehacktricks.blogspot.com

  5. thnkx, its really great info, thnks agn 4r shring

  6. Do these work on moblie or only a pc. U know anything about zanti and how it works ( newb) trying to learn the tricks tks

  7. Do these wk on a moblie or need a pc for this. U kw anything about zanti and how it wks (newb) trying to learn these tricks tks alot

  8. Do these work on moblie or only a pc. U know anything about zanti and how it works ( newb) trying to learn the tricks tks

  9. Great article. Hope you do part 2.


© 2016 All Rights Reserved by RHA Info Sec. Top

Contact Form


Email *

Message *

Powered by Blogger.