firefox
Extensions
Not to be confused with plugins. Those are video/audio codecs, flash support, etc.
Diigo
Bookmarks, annotations, organize research
Research
Auto reload Tab
Enable on a per-tab basis, each with custom time limit.
Ease of use
Evernote page clipper
PDFs are broken! But it does clip webpages and can strip out all the ads and sidenav and whatnot
Research
Cookie Manager
Easily search, review, modify, remove cookies. Container support. Handy for nuking pesky Google ReCaptcha cookie after you fail.
Privacy, Security
I Don't Care About Cookies
Auto-clicks those annoying "HEY WE USE COOKIES! READ ALL ABOUT IT!" popups caused by GDPR
Ease of use
Multi-Account Containers
Sep cookie jars so Amazon, FB, Google, etc can't follow you all around the internet. Also allows multiple accounts logged into same service (ex: gmail).
Privacy, Recon, Security
Cookie AutoDelete
Delete cookies for a site, and all its trackers, when you close a tab or navigate to new site/domain.
Privacy
DuckDuckGo Privacy Essentials
Forces HTTPS, blocks most trackers.
Browser speed, Privacy, Security
LastPass Password Manager
Password storage, form fills, and more
Ease of use, Security
Skip Redirect
Skips any intermediate pages, like trackers, affiliates, etc, sending you straight to destination
Privacy, Security
uBlock Origin
Blocks ads, trackers, hosts, anything you can write a regex for. Light on memory and high in performance (vs AdBlock Plus)
Browser speed, Privacy, Security
Tab Session Manager
Backup all open windows and tabs automatically. Easily recover from crashes or windows you closed accidentally.
Ease of use
IP Address & Domain Information
Lookup info about the DNS and IP address of the site you're visiting, or any other
Recon
NoScript Security Suite
Protects you from multiple JS attack vectors like XSS and Clickjacking and many others
Security
Privacy Badger
Created by EFF to block page and link trackers; learns as you browse
Privacy
Link Gopher
Extracts all links on a page into a new HTML file you can save
Tool
Ad Blocker for YouTube
Removes ads in the page AND in videos
Browser speed
Library Extension
Looking at book details on Amazon, Goodreads, AbeBooks, etc will show you if book is available at 1+ local libraries as well as Archive.org. Can search Overdrive, Axis360, and regular library catalog & overlays this info on whatever book page you are viewing
Tool
DEBUG extensions!
about:addons
Click gear/cog icon and choose "Debug Add-ons"
Shortcut:
about:debugging#/runtime/this-firefoxFind the extension to troubleshoot/debug and click "Inspect"
This will open a special Developer Tools window, to the Network tab, so you can watch all interactions!
Example:
about:devtools-toolbox?type=extension&id=support%40lastpass.com-- LastPassExample:
about:devtools-toolbox?type=extension&id=uBlock0%40raymondhill.net-- uBlockOriginAll the usual Dev Tools functions are available
Use "Inspector" tab to see the source of whatever javascript is loaded by the extension
Use "Storage" tab to checkout the cookies, local storage, etc
Use "Console" for troubleshooting (also available within Network view if you have Split Console enabled)
Optional: Click the "Manifest URL" link to show the manifest.json file, which contains associated metadata (such as permissions used, associated keyboard shortcuts, etc)
Reference: https://developer.mozilla.org/en-US/docs/Tools/about:debugging
See / Set all extension keyboard shortcuts
about:addons
Click gear/cog icon and choose "Manage Extension Shortcuts"
Config settings to enable/customize
Resource: http://kb.mozillazine.org/About:config_entries
Get a list of all the config vars that you have customized
about:supportThis page will show you related env vars, file locations (like your profile!), add-ons, crash reports, experimental features enable/disable list, and more
Reference: https://www.ghacks.net/2011/09/18/display-all-modified-firefox-preferences/
Expose phishing sites using non-ASCII characters in domain name
network.IDN_show_punycode = trueCheck these resources to see examples of domains that are impossible to identify visually as being likely phishing sites:
Enable U2F hardware key authentication
NOTE: This is only needed in OLDER FIREFOX VERSIONS. Newer versions have this enabled by default. Double check your current value
security.webauth.u2f = true
Fix warnings about refusing to do automatic redirect
accessibility.blockautorefresh = falseDisable these "features" in Firefox that are invading your privacy
WARN: certain sites (ex: ProtonMail) may behave differently with privacy.resistFingerprinting disabled, ex: timestamps in GMT instead of your localtimezine
#! SET THESE TO FALSE, UNLESS SPECIFIED OTHERWISE
app.normandy.enabled
app.shield.optoutstudies.enabled = true
browser.library.activity-stream.enabled
browser.newtabpage.activity-stream.feeds.telemetry
browser.newtabpage.activity-stream.telemetry
browser.ping-centre.telemetry
browser.send_pings
browser.urlbar.autofill.enabled NOTE: in older version of Firefox, this is named browser.urlbar.autocomplete.enabled
datareporting.policy.dataSubmissionEnabled
datareporting.healthreport.uploadEnabled
geo.enabled
media.peerconnection.enabled
network.dns.disableIPv6 = true
network.dns.disablePrefetch = true
privacy.resistFingerprinting
toolkit.telemetry.bhrPing.enabled
toolkit.telemetry.enabled
toolkit.telemetry.firstShutdownPing.enabled
toolkit.telemetry.shutdownPingSender.enabledConfig via UI (Preferences)
General --> Startup --> UNcheck "Restore previous session", if using Tab Session Manager extension.
General --> Language & Appearance --> Fonts & Colors --> Advanced --> Minimum Font Size, set to 12pt or higher otherwise some text could be far too small on a high-res display.
General --> Browsing --> UNcheck "Recommend extensions as you browse"
Home --> New Windows & Tabs --> Set "Blank page" for both values
Home --> Firefox Home Content --> UNcheck everything
Search --> Default search engine --> UNcheck "Provide search suggestions"
Privacy & Security --> Content blocking --> UNcheck everything, if using any extensions that block content (makes for easier troubleshooting of broken pages)
Privacy & Security --> Logins & Passwords --> UNcheck "Ask to save logins and passwords for websites", if using a password manager extension
Privacy & Security --> Forms & Autofill --> UNcheck "Autofill addresses", if using an extension like LastPass to fill forms
Privacy & Security --> Address Bar --> UNcheck everything
Privacy & Security --> Firefox Data Collection & Use --> UNcheck everything
Privacy & Security --> Deceptive Content and Dangerous Software Protection --> UNcheck everything because this will just get in your way and invades your privacy
Specifically for application security testing: remove several browser protections to make your browser vulnerable
#! SET THESE TO FALSE, UNLESS SPECIFIED OTHERWISE
browser.safebrowsing.blockedURIs.enabled
browser.safebrowsing.downloads.enabled
browser.safebrowsing.downloads.remote.enabled
browser.safebrowsing.malware.enabled
browser.safebrowsing.phishing.enabled
browser.urlbar.filter.javascript
network.captive-portal-service.enabled
plugins.flashBlock.enabled
privacy.trackingprotection.annotate_channels
privacy.trackingprotection.pbmode.enabled
security.tls.version.min = 0
security.mixed_content.block_active_content
security.ssl.enable_ocsp_stapling
security.ssl.errorReporting.enabledResources:
Last updated