I wanted to make a list of browser plug-ins that I use and find quite important to security and daily ops work.

First, for IE (I accidently upgraded to 7.0 and didn't feel like un-installing the behemoth)

• Bayden Systems' TamperIE offers HTTPS form-tampering
• sort of a mac-daddy tamper application to change your post data on the fly, must have.
• Microsoft's IE Developer Toolbar
• Change values on the fly also get header info and more right away
• Microsoft's IE Powertoys for WebDevs
• was cool but appears the highlight and show source dont work with IE7, however still works for DOM data so I keep it.

Now the giant list for FireFox (where all the 31337 users are)

• AdBlockPlus
• This is like going from dial up to DSL, the internet all the sudden becomes “sweet”
• BlogJet
• This is also in my IE, its my blogger application
• DOM Inspector
• handy for webdev and de-construction
• DownloadThemAll
• I dont like to click and this is a price-less tool for saving clicks.
• GoogleBrowserSynch
• I dont like how big google is and I dont like the idea of google watching what I browse, this was just an interesting tool since I am on lots of computers, I just dont have the guts to sign-in yet.
• GoogleToolBar
• this is a must, duh.
• HttpHeaders
• handy for webdev and de-construction
• ModifyHeaders
• handy for webdev and de-construction, and user-agent mods
• NoScript
• The only “security” leo laporte knows with out steve giving him a script. Handy for hacking things.
• RefControl
• spoof the referrer to the server.
• PDF Download
• sometime I like to download pdf’s sometimes I like to view them live, this lets me choose.
• Tamper Data
• same as TemperIE but for zilla
• ULRParms
• Different type of TamperData type plugin
• User Agent Switcher
• mac-daddy agent switcher, here is my browser list in XML for import
• File Attachment: useragentswitcher.xml (9 KB)
• WebDev
• This tools is mostly a must for anyone, you can quickly shut on and off and mod parts of sites.

Update June2008:
some good hack tools
http://www.securitycompass.com/exploitme.shtml

if you ever get me started on “24kgold connectors” you know how much I hate magnolia hi-fi and all the sales people there how they push monster and higher grade connectors.

Here is a podcast that is a full hour of how to cable your AV equipment

 

 

I just found out that quick basic is public domain. I learned to program with qbasic way back in grade school. Time to dig up some of my old programs, but I couldnt afford the version with the compiler.

Something to check out, info stolen from wikipedia

Perhaps the most notable new feature of Windows Server 2008 is a new variation of installation called Server Core. Server Core is a significantly scaled-back installation where no Windows Explorer shell is installed, and all configuration and maintenance is done entirely through command line interface windows, or by connecting to the machine remotely using Microsoft Management Console. Server Core also does not include the .NET Framework, Internet Explorer or many other features not related to core server features. A Server Core machine can be configured for several basic roles: Domain controller/Active Directory Domain Services, ADLDS (ADAM), DNS Server, DHCP Server, file server, print server, Windows Media Server, Terminal Services Easy Print, TS Remote Programs, and TS Gateway, IIS 7 web server and Windows Server Virtualization virtual server. This last role is projected to be available at most 180 days after release of Windows Server 2008.

Setup reference

Server role reference

 

I always seem to loose these KB’s when I’m building a dev server and need to backup or transfer or export the MS-SQL accounts. Here is the kb for sql 7.x and sql 2005

the wedding day is planed for 6–6–08 at pickering barn

a while back in a post i did about pass-the-hash I posted about a tool msvctl a tool that truesec built to pass the hash like the SMB hack. They said they would never release it, haha looks like its up on the truesec tools page.