LazySec插件简介
🌹 这个应用程序可以在 ChromeFK 或 Google Chrome 网上应用商店进行下载。 ChromeFK上的所有插件扩展文件都是原始文件,并且 100% 安全,下载速度快。
LazySec插件描述
DESCRIPTION: LazySec is a very simple tool designed f software testers but of general use. It helps in the task of testing Lazy Security implementations, hence the name, in the UI revealing a pages Lazy Secrets, hence the name II, by accomplishing these two things: UNLOCK ELEMENTS: The extension unlocks all elements of a webpage by taking away some attributes, namely "disabled", "readonly", "max", "required" others related to fm validations. In simple English: this will allow you to write on fbidden fields write fbidden things. To do this hit LazySecs "Remove UI Security" button. VIEW HIDDEN ELEMENTS: The extension makes visible those elements hidden by the "display:none", "type=hidden", "visibility=hidden" attributes / styles. To do this hit LazySecs "Show Hidden Elements" button. WHY LazySec? + I dont like opening the console n "going hunting" by inspecting the pages DOM + Many project managers Software Architects defend lazy security thingies by stating that unlocking elements of a webpage is something only a "very knowledgeable" "tech savvy" user can do. Well, now every average Joe with LazySec can do it, so you better watch out!! HOW TO CONTRIBUTE TO LazySec AND THE WORLD: + Use the tool send cool suggestions. + If you think of other actions to add to LazySec just send them in, they will be greatly appreciated properly acknowledged. + Send a wd of thanks, it will make me happy improve LazySecs karma. ABOUT THE ICON: I thought Id let you know what the icon actually is just in you are not used to watching Picassos Dalis all of the time. It is an L an S like this "LS", but it can also be interpreted as a face shooting an eye beam from the unseen eye. Pretty cool, huh? Cant unsee now. MEA CULPA: It is acknowledged that certain "harm" malicious use could result of the use of this extension to silly web pages that implement lazy security. However, what this extension achieves is perfectly achievable from the browser itself, by inputting javascript on the console. This extension is f testers to avoid trying to enable each field one by one fiddling with the HTML to find hidden objects. If your web page web application was "h4ck3d" using LazySec then dont rage at me, simply tell your testers to use it f testing, test it yourself. I provide this tool free of charge, hope you like it. All in all, this extension was made so that web applications security validations are implemented in a me serious way. Or at least, not in a LazySec way.
LazySec插件离线安装方法
1.首先用户点击谷歌浏览器右上角的自定义及控制按钮,在下拉框中选择设置。
2.在打开的谷歌浏览器的扩展管理器最左侧选择扩展程序或直接输入:chrome://extensions/
3.找到自己已经下载好的Chrome离线安装文件xxx.crx,然后将其从资源管理器中拖动到Chrome的扩展管理界面中,这时候用户会发现在扩展管理器的中央部分中会多出一个”拖动以安装“的插件按钮。
4.下载 LazySecChrome插件v0.2.0.0版本到本地。
5.勾选开发者模式,点击加载已解压的扩展程序,将文件夹选择即可安装插件。
注意:最新版本的chrome浏览器直接拖放安装时会出现“程序包无效CRX-HEADER-INVALID”的报错信息,参照这篇文章即可解决
©软件著作权归作者所有;本站所有软件均来源于网络,仅供学习使用,请支持正版!
转载请注明出处:chromefk非官方中文站 » LazySec