There are a number of tools available for testing web applications. The first step in assembling your tool box for assessing web applications will be selecting a browser and customizing its configuration for testing. A common browser to test with is Firefox due to its many testing add-ons available. Other browsers can also be used and may be required for some applications, such as those that utilize ActiveX or Silverlight, which need an Internet Explorer browser to function. Some add-ons make life much easier and more efficient for testing. Common useful add-ons are the following:

• FoxyProxy: A tool to manage browser proxy settings for Chrome and Firefox. Sometimes you may have multiple proxy tools running concurrently and may need to switch between the two. FoxyProxy helps with changing proxy settings without clicking through a number of browser setting menus. FoxyProxy can be downloaded at https://addons.mozilla.org/en-us/firefox/addon/foxyproxy-standard/.
• Cookie Manager+: A cookie manager is useful for editing cookie values and viewing their attributes. There are many cookie manager add-ons available for Firefox and Chrome. A common cookie manager for Firefox is Cookie Manager+. Cookie Manager+ can be downloaded at https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/.
• Wappalyzer: For a better understanding of the target application, it helps to know what components are being utilized. Wappalyzer is an add-on that assists with uncovering the technology being used, which includes the web server, frameworks, and JavaScript libraries. Wappalyzer can be downloaded for Firefox and Chrome at https://wappalyzer.com/download.

After a browser is selected, proxy settings must be configured in order to view the application's request and responses in a web application proxy tool. In the following recipes, we will walk through configuring proxy settings and web application proxy tools.