OWASP Mantra FF
Web application security testing framework built on top of Firefox. Mantra is a browser designed for security testing with built-in tools for header manipulation, request replay, and proxy switching.
Description
Mantra is a browser designed specifically for web application security testing. The project's aim is to show more people how easy and flexible it is to follow basic testing procedures within the browser. Mantra believes that a portable, easy-to-use, yet powerful platform can be helpful for the industry.
Mantra has many built-in tools to modify headers, manipulate input strings, replay GET/POST requests, edit cookies, quickly switch between multiple proxies, control forced redirects, and so on. This makes it a good tool for performing basic security checks and, sometimes, exploitation. Mantra can therefore be used to solve the basic levels of various web-based CTFs, showcase security issues in vulnerable web applications, and so on.
How It Works
Mantra operates as a portable Firefox browser instance with a custom profile directory located at /usr/share/owasp-mantra-ff/Mantra. It runs in portable mode with debug/info logging enabled, providing built-in security testing tools directly within the browser interface for header modification, request manipulation, cookie editing, proxy switching, and redirect control.
Installation
sudo apt install owasp-mantra-ff
Flags
Examples
owasp-mantra-ff -h
owasp-mantra-ff
sudo apt install owasp-mantra-ff